Vulnerabilities (CVE)

Filtered by vendor Openvz Subscribe
Filtered by product Vzctl
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-6927 1 Openvz 1 Vzctl 2024-11-21 3.6 LOW N/A
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root password for arbitrary ploop containers, as demonstrated by a symlink attack on the ploop container root.hdd file and then access a control panel.