2019-03-25 19:29:00 2019-10-10 01:49:44

A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.

Vector

NETWORK

Complexity

LOW

Authentication

SINGLE_INSTANCE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
Ovirt Vdsm 4.19 (not an official CPE) Ovirt Vdsm 4.19.1 (not an official CPE) Ovirt Vdsm 4.19.2 (not an official CPE) Ovirt Vdsm 4.19.3 (not an official CPE) Ovirt Vdsm 4.19.4 (not an official CPE) Ovirt Vdsm 4.19.5 (not an official CPE) Ovirt Vdsm 4.19.6 (not an official CPE) Ovirt Vdsm 4.19.7 (not an official CPE) Ovirt Vdsm 4.19.8 (not an official CPE) Ovirt Vdsm 4.19.9 (not an official CPE) Ovirt Vdsm 4.19.10 (not an official CPE) Ovirt Vdsm 4.19.10.1 (not an official CPE) Ovirt Vdsm 4.19.11 (not an official CPE) Ovirt Vdsm 4.19.12 (not an official CPE) Ovirt Vdsm 4.19.13 (not an official CPE) Ovirt Vdsm 4.19.14 (not an official CPE) Ovirt Vdsm 4.19.15 (not an official CPE) Ovirt Vdsm 4.19.16 (not an official CPE) Ovirt Vdsm 4.19.17 (not an official CPE) Ovirt Vdsm 4.19.18 (not an official CPE) Ovirt Vdsm 4.19.19 (not an official CPE) Ovirt Vdsm 4.19.20 (not an official CPE) Ovirt Vdsm 4.19.21 (not an official CPE) Ovirt Vdsm 4.19.22 (not an official CPE) Ovirt Vdsm 4.19.23 (not an official CPE) Ovirt Vdsm 4.19.24 (not an official CPE) Ovirt Vdsm 4.19.25 (not an official CPE) Ovirt Vdsm 4.19.26 (not an official CPE) Ovirt Vdsm 4.19.27 (not an official CPE) Ovirt Vdsm 4.19.28 (not an official CPE) Ovirt Vdsm 4.19.29 (not an official CPE) Ovirt Vdsm 4.19.30 (not an official CPE) Ovirt Vdsm 4.19.31 (not an official CPE) Ovirt Vdsm 4.19.32 (not an official CPE) Ovirt Vdsm 4.19.33 (not an official CPE) Ovirt Vdsm 4.19.34 (not an official CPE) Ovirt Vdsm 4.19.35 (not an official CPE) Ovirt Vdsm 4.19.36 (not an official CPE) Ovirt Vdsm 4.19.37 (not an official CPE) Ovirt Vdsm 4.19.38 (not an official CPE) Ovirt Vdsm 4.19.39 (not an official CPE) Ovirt Vdsm 4.19.40 (not an official CPE) Ovirt Vdsm 4.19.41 (not an official CPE) Ovirt Vdsm 4.19.42 (not an official CPE) Ovirt Vdsm 4.19.43 (not an official CPE) Ovirt Vdsm 4.19.44 (not an official CPE) Ovirt Vdsm 4.19.45 (not an official CPE) Ovirt Vdsm 4.19.46 (not an official CPE) Ovirt Vdsm 4.19.47 (not an official CPE) Ovirt Vdsm 4.19.48 (not an official CPE) Ovirt Vdsm 4.19.49 (not an official CPE) Ovirt Vdsm 4.19.50 (not an official CPE) Ovirt Vdsm 4.19.51 (not an official CPE) Ovirt Vdsm 4.20.0 (not an official CPE) Ovirt Vdsm 4.20.1 (not an official CPE) Ovirt Vdsm 4.20.2 (not an official CPE) Ovirt Vdsm 4.20.3 (not an official CPE) Ovirt Vdsm 4.20.4 (not an official CPE) Ovirt Vdsm 4.20.5 (not an official CPE) Ovirt Vdsm 4.20.6 (not an official CPE) Ovirt Vdsm 4.20.7 (not an official CPE) Ovirt Vdsm 4.20.8 (not an official CPE) Ovirt Vdsm 4.20.9 (not an official CPE) Ovirt Vdsm 4.20.9.1 (not an official CPE) Ovirt Vdsm 4.20.9.2 (not an official CPE) Ovirt Vdsm 4.20.9.3 (not an official CPE) Ovirt Vdsm 4.20.10 (not an official CPE) Ovirt Vdsm 4.20.11 (not an official CPE) Ovirt Vdsm 4.20.12 (not an official CPE) Ovirt Vdsm 4.20.13 (not an official CPE) Ovirt Vdsm 4.20.14 (not an official CPE) Ovirt Vdsm 4.20.15 (not an official CPE) Ovirt Vdsm 4.20.16 (not an official CPE) Ovirt Vdsm 4.20.17 (not an official CPE) Ovirt Vdsm 4.20.18 (not an official CPE) Ovirt Vdsm 4.20.19 (not an official CPE) Ovirt Vdsm 4.20.20 (not an official CPE) Ovirt Vdsm 4.20.21 (not an official CPE) Ovirt Vdsm 4.20.22 (not an official CPE) Ovirt Vdsm 4.20.23 (not an official CPE) Ovirt Vdsm 4.20.24 (not an official CPE) Ovirt Vdsm 4.20.25 (not an official CPE) Ovirt Vdsm 4.20.26 (not an official CPE) Ovirt Vdsm 4.20.27 (not an official CPE) Ovirt Vdsm 4.20.27.1 (not an official CPE) Ovirt Vdsm 4.20.28 (not an official CPE) Ovirt Vdsm 4.20.29 (not an official CPE) Ovirt Vdsm 4.20.30 (not an official CPE) Ovirt Vdsm 4.20.31 (not an official CPE) Ovirt Vdsm 4.20.32 (not an official CPE) Ovirt Vdsm 4.20.33 (not an official CPE) Ovirt Vdsm 4.20.34 (not an official CPE) Ovirt Vdsm 4.20.35 (not an official CPE) Ovirt Vdsm 4.20.36 (not an official CPE) Ovirt Vdsm 4.20.37 (not an official CPE) Ovirt Vdsm 4.20.38 (not an official CPE) Ovirt Vdsm 4.20.39 (not an official CPE) Ovirt Vdsm 4.20.39.1 (not an official CPE) Ovirt Vdsm 4.20.40 (not an official CPE) Ovirt Vdsm 4.20.41 (not an official CPE) Ovirt Vdsm 4.20.42 (not an official CPE) Ovirt Vdsm 4.20.43 (not an official CPE) Ovirt Vdsm 4.20.44 (not an official CPE) Ovirt Vdsm 4.20.45 (not an official CPE) Ovirt Vdsm 4.20.46 (not an official CPE) Ovirt Vdsm 4.20.47 (not an official CPE) Ovirt Vdsm 4.30.1 (not an official CPE) Ovirt Vdsm 4.30.2 (not an official CPE) Ovirt Vdsm 4.30.3 (not an official CPE) Ovirt Vdsm 4.30.5 (not an official CPE) Ovirt Vdsm 4.30.6 (not an official CPE) Ovirt Vdsm 4.30.7 (not an official CPE) Ovirt Vdsm 4.30.8 (not an official CPE) Redhat Gluster storage 3.0 (not an official CPE)