FortiClient Vulnerability

QEMU CVE-2019-12929 Information Disclosure Vulnerability

Description

** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU\'s -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue.

Affected Applications

QEMU

CVE References

CVE-2019-12929

Other References

https://gitlab.com/qemu-project/qemu/-/issues

ID	70270
Created	Jan 12, 2022
Description Updated	Dec 18, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	QEMU
Patch	manual
Application	QEMU

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

QEMU CVE-2019-12929 Information Disclosure Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

QEMU CVE-2019-12929 Information Disclosure Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center