virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allows local users to bypass the intended VNC authentication by connecting without a password.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Virt-v2v | Matthew_booth | 0.1.0 | 0.1.0 |
| Virt-v2v | Matthew_booth | 0.2.0 | 0.2.0 |
| Virt-v2v | Matthew_booth | 0.3.0 | 0.3.0 |
| Virt-v2v | Matthew_booth | 0.3.2 | 0.3.2 |
| Virt-v2v | Matthew_booth | 0.4.0 | 0.4.0 |
| Virt-v2v | Matthew_booth | 0.4.9 | 0.4.9 |
| Virt-v2v | Matthew_booth | 0.4.10 | 0.4.10 |
| Virt-v2v | Matthew_booth | 0.5.0 | 0.5.0 |
| Virt-v2v | Matthew_booth | 0.5.1 | 0.5.1 |
| Virt-v2v | Matthew_booth | 0.5.2 | 0.5.2 |
| Virt-v2v | Matthew_booth | 0.5.3 | 0.5.3 |
| Virt-v2v | Matthew_booth | 0.5.4 | 0.5.4 |
| Virt-v2v | Matthew_booth | 0.6.0 | 0.6.0 |
| Virt-v2v | Matthew_booth | 0.6.1 | 0.6.1 |
| Virt-v2v | Matthew_booth | 0.6.2 | 0.6.2 |
| Virt-v2v | Matthew_booth | 0.6.3 | 0.6.3 |
| Virt-v2v | Matthew_booth | 0.7.0 | 0.7.0 |
| Virt-v2v | Matthew_booth | 0.7.1 | 0.7.1 |
| Virt-v2v | Matthew_booth | 0.8.0 | 0.8.0 |
| Virt-v2v | Matthew_booth | 0.8.1 | 0.8.1 |
| Virt-v2v | Matthew_booth | 0.8.2 | 0.8.2 |
| Virt-v2v | Matthew_booth | * | 0.8.3 |
| Red Hat Enterprise Linux 6 | RedHat | virt-v2v-0:0.8.3-5.el6 | * |