cpe:/a:qemu:qemu:0.1 cpe:/a:qemu:qemu:0.1.1 cpe:/a:qemu:qemu:0.1.2 cpe:/a:qemu:qemu:0.1.3 cpe:/a:qemu:qemu:0.1.4 cpe:/a:qemu:qemu:0.1.5 cpe:/a:qemu:qemu:0.1.6 cpe:/a:qemu:qemu:0.10.0 cpe:/a:qemu:qemu:0.10.1 cpe:/a:qemu:qemu:0.10.2 cpe:/a:qemu:qemu:0.10.3 cpe:/a:qemu:qemu:0.10.4 cpe:/a:qemu:qemu:0.10.5 cpe:/a:qemu:qemu:0.10.6 cpe:/a:qemu:qemu:0.11.0:rc0 cpe:/a:qemu:qemu:0.11.0:rc1 cpe:/a:qemu:qemu:0.11.0:rc2 CVE-2011-0011 2012-06-21T11:55:05.863-04:00 2017-08-16T21:33:22.727-04:00 4.3 ADJACENT_NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2012-06-21T15:23:00.000-04:00 SECUNIA 42830 SECUNIA 43272 SECUNIA 43733 SECUNIA 44393 OSVDB 70992 REDHAT RHSA-2011:0345 UBUNTU USN-1063-1 MLIST [oss-security] 20110110 CVE request: qemu-kvm: Setting VNC password to empty string silently disables all authentication MLIST [oss-security] 20110110 Re: CVE request: qemu-kvm: Setting VNC password to empty string silently disables all authentication MLIST [oss-security] 20110112 Re: CVE request: qemu-kvm: Setting VNC password to empty string silently disables all authentication MISC https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/697197 XF qemu-vnc-security-bypass(65215) qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.