Red Hat Security Advisory 2024-6487-03 - Updated Release packages that fix several bugs and add various enhancements are now available.
91028e39dcc4a6cacd95836dadac0416b4e83c8c95f513ebe5194db29f7b18d0
The following advisory data is extracted from:
https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6487.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.
- Packet Storm Staff
====================================================================
Red Hat Security Advisory
Synopsis: Important: MTV 2.6.6 Images
Advisory ID: RHSA-2024:6487-03
Product: Migration Toolkit for Virtualization
Advisory URL: https://access.redhat.com/errata/RHSA-2024:6487
Issue date: 2024-09-09
Revision: 03
CVE Names: CVE-2024-8509
====================================================================
Summary:
Updated Release packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Description:
Migration Toolkit for Virtualization 2.6.6 Images
Security Fix(es):
* Empty bearer token may perform authentication (CVE-2024-8509)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Solution:
CVEs:
CVE-2024-8509
References:
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=2310406
https://issues.redhat.com/browse/MTV-1353
https://issues.redhat.com/browse/MTV-1354