Local Privilege Escalation: Root Password Disclosure in virt-bootstrap 1.1.0

Local Privilege Escalation: Root Password Disclosure in virt-bootstrap 1.1.0

CVE-2019-13314 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.

Learn more about our User Device Pen Test.