(RHSA-2022:8896) Moderate: Red Hat OpenStack Platform 13.0 (python-virtualbmc) security update

2022-12-0810:48:20

access.redhat.com

red hat openstack

python

virtual bmc

security update

ipmi commands

cve-2022-44020

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

17.8%

JSON

A virtual BMC for controlling virtual machines using IPMI
commands.

Security Fix:

VirtualBMC: Removal of password protection from the managed libvirt XML
domain (CVE-2022-44020)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchpython2-virtualbmc-tests< 1.2.0-2.el7ostpython2-virtualbmc-tests-1.2.0-2.el7ost.noarch.rpm
RedHat7noarchpython2-virtualbmc< 1.2.0-2.el7ostpython2-virtualbmc-1.2.0-2.el7ost.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	python2-virtualbmc-tests	< 1.2.0-2.el7ost	python2-virtualbmc-tests-1.2.0-2.el7ost.noarch.rpm
RedHat	7	noarch	python2-virtualbmc	< 1.2.0-2.el7ost	python2-virtualbmc-1.2.0-2.el7ost.noarch.rpm