A vulnerability has been identified in Ganeti, which could be exploited by remote or local users to compromise a vulnerable system. This issue is caused by an input validation error when processing iallocator names, which could allow authenticated attackers to inject arbitrary commands via "gnt-*" commands or RAPI requests.
Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.
Feedback If you have additional information or corrections for this security advisory please submit them via our contact form.
