Use of default credentials in image-builder - CVE-2024-9594
Published: October 17, 2024
image-builder
Detailed vulnerability description
The vulnerability allows a remote attacker to compromise the image build process.
The vulnerability exists due to default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. A remote attacker with ability to reach the VM where the image build was happening can compromise the image during its build.