AI Score
Confidence
Low
EPSS
Percentile
5.1%
virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allows local users to bypass the intended VNC authentication by connecting without a password.
rhn.redhat.com/errata/RHSA-2011-1615.html
secunia.com/advisories/47086
www.osvdb.org/77558
bugzilla.redhat.com/show_bug.cgi?id=702754
git.fedorahosted.org/cgit/virt-v2v.git/commit/?id=7e9393129116699d1228bb02b9f65b78584582c1