As of 2.0.0-M8, this can now be done using the '-allow-remote-access' configuration property the web console will be unavailable without setting this configuration. It was felt that it is safer to require the developer to explicitly enable this capability. When running in prototype mode, the h2 webconsole module (accessible from the Prototype menu) is automatically made available with the ability to directly query the database. Password Storage Application v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Setup page. NOTE: this only affects an "unsupported, production-like configuration."Īn access control issue in the password reset page of IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to arbitrarily change the admin password. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
August 2023
Categories |