Unknown · Virt-Bootstrap · CVE-2019-13314
**Name of the Vulnerable Software and Affected Versions**
virt-bootstrap version 1.1.0
**Description**
The issue allows local users to discover a root password by listing a process. This is because the root password may be present in the `--root-password` option to `virt bootstrap.py`.
**Recommendations**
For virt-bootstrap version 1.1.0, consider restricting access to the process list to minimize the risk of exploitation. As a temporary workaround, avoid using the `--root-password` option in `virt bootstrap.py` until a patch is available.