All the vulnerabilites related to openstack - manila
cve-2016-6519
Vulnerability from cvelistv5
Published
2017-04-21 15:00
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-2115.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2117.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2116.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.launchpad.net/manila-ui/+bug/1597738 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93001 | vdb-entry, x_refsource_BID | |
| http://www.openwall.com/lists/oss-security/2016/09/15/7 | mailing-list, x_refsource_MLIST | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1375147 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:20.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2115.html"
},
{
"name": "RHSA-2016:2117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2117.html"
},
{
"name": "RHSA-2016:2116",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2116.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/manila-ui/+bug/1597738"
},
{
"name": "93001",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93001"
},
{
"name": "[oss-security] 20160915 CVE-2016-6519: openstack-manila: Persistent XSS in Metadata field",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375147"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the \"Shares\" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the \"Create Share\" form."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:37",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"name": "RHSA-2016:2115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2115.html"
},
{
"name": "RHSA-2016:2117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2117.html"
},
{
"name": "RHSA-2016:2116",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2116.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/manila-ui/+bug/1597738"
},
{
"name": "93001",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93001"
},
{
"name": "[oss-security] 20160915 CVE-2016-6519: openstack-manila: Persistent XSS in Metadata field",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375147"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2016-6519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the \"Shares\" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the \"Create Share\" form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:2115",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2115.html"
},
{
"name": "RHSA-2016:2117",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2117.html"
},
{
"name": "RHSA-2016:2116",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2116.html"
},
{
"name": "https://bugs.launchpad.net/manila-ui/+bug/1597738",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/manila-ui/+bug/1597738"
},
{
"name": "93001",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93001"
},
{
"name": "[oss-security] 20160915 CVE-2016-6519: openstack-manila: Persistent XSS in Metadata field",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/7"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1375147",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375147"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2016-6519",
"datePublished": "2017-04-21T15:00:00",
"dateReserved": "2016-08-02T00:00:00",
"dateUpdated": "2024-08-06T01:29:20.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9543
Vulnerability from cvelistv5
Published
2020-03-12 16:40
Modified
2024-08-04 10:34
Severity ?
EPSS score ?
Summary
OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.launchpad.net/manila/+bug/1861485 | x_refsource_MISC | |
| https://security.openstack.org/ossa/OSSA-2020-002.html | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/03/12/1 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2020/03/12/1 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:34:38.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/manila/+bug/1861485"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-002.html"
},
{
"name": "[oss-security] 20200311 [OSSA-2020-002] Manila: Unprivileged users can retrieve, use and manipulate share networks (CVE-2020-9543)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Manila \u003c7.4.1, \u003e=8.0.0 \u003c8.1.1, and \u003e=9.0.0 \u003c9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T16:40:49",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/manila/+bug/1861485"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-002.html"
},
{
"name": "[oss-security] 20200311 [OSSA-2020-002] Manila: Unprivileged users can retrieve, use and manipulate share networks (CVE-2020-9543)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-9543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenStack Manila \u003c7.4.1, \u003e=8.0.0 \u003c8.1.1, and \u003e=9.0.0 \u003c9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/manila/+bug/1861485",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/manila/+bug/1861485"
},
{
"name": "https://security.openstack.org/ossa/OSSA-2020-002.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2020-002.html"
},
{
"name": "[oss-security] 20200311 [OSSA-2020-002] Manila: Unprivileged users can retrieve, use and manipulate share networks (CVE-2020-9543)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
},
{
"name": "http://www.openwall.com/lists/oss-security/2020/03/12/1",
"refsource": "CONFIRM",
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-9543",
"datePublished": "2020-03-12T16:40:20",
"dateReserved": "2020-03-02T00:00:00",
"dateUpdated": "2024-08-04T10:34:38.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-03-12 17:15
Modified
2024-11-21 05:40
Severity ?
Summary
OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2020/03/12/1 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2020/03/12/1 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://bugs.launchpad.net/manila/+bug/1861485 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://security.openstack.org/ossa/OSSA-2020-002.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/03/12/1 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/03/12/1 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/manila/+bug/1861485 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org/ossa/OSSA-2020-002.html | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:manila:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83E27DF7-877D-4D0E-86D7-4D4B1463B97F",
"versionEndExcluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:manila:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3460FC85-381C-4BFD-9EEA-CCA46FA9FDD5",
"versionEndExcluding": "8.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:manila:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2998594D-0B58-4E08-8508-DB1E4DD35CC1",
"versionEndExcluding": "9.1.1",
"versionStartIncluding": "9.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Manila \u003c7.4.1, \u003e=8.0.0 \u003c8.1.1, and \u003e=9.0.0 \u003c9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks."
},
{
"lang": "es",
"value": "OpenStack Manila versiones anteriores a 7.4.1, versiones posteriores a 8.0.0 incluy\u00e9ndola y anteriores a 8.1.1, y versiones posteriores a 9.0.0 incluy\u00e9ndola y anteriores a 9.1.1, permite a atacantes visualizar, actualizar, eliminar o compartir recursos que no les pertenecen, debido a una b\u00fasqueda sin contexto de un UUID. Los atacantes tambi\u00e9n pueden crear recursos, tales como sistemas de archivos compartidos y grupos de intercambio sobre esas redes compartidas."
}
],
"id": "CVE-2020-9543",
"lastModified": "2024-11-21T05:40:49.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-12T17:15:11.077",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/manila/+bug/1861485"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/03/12/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/manila/+bug/1861485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-002.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-21 15:59
Modified
2024-11-21 02:56
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:manila:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6A85FE-13AF-495E-A434-87ED5AA65C80",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the \"Shares\" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the \"Create Share\" form."
},
{
"lang": "es",
"value": "La vulnerabilidad XSS en la vista general de los \"Shares\" en Openstack Manila en versiones anteriores a 2.5.1 permite a usuarios no autenticados inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del campo Metadata en el formulario \"Create Share\"."
}
],
"id": "CVE-2016-6519",
"lastModified": "2024-11-21T02:56:16.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-21T15:59:00.537",
"references": [
{
"source": "security@opentext.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2115.html"
},
{
"source": "security@opentext.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2116.html"
},
{
"source": "security@opentext.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2117.html"
},
{
"source": "security@opentext.com",
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/7"
},
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/93001"
},
{
"source": "security@opentext.com",
"url": "https://bugs.launchpad.net/manila-ui/+bug/1597738"
},
{
"source": "security@opentext.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2116.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2117.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.launchpad.net/manila-ui/+bug/1597738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375147"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}