Insecure VNC Password Preservation in Apache CloudStack

Insecure VNC Password Preservation in Apache CloudStack

CVE-2015-3252 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server.

Learn more about our Cis Benchmark Audit For Server Software.