Vulnerabilites related to openstack - nova
CVE-2012-1585 (GCVE-0-2012-1585)
Vulnerability from cvelistv5
Published
2012-08-17 00:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html | mailing-list, x_refsource_MLIST | |
| https://bugs.launchpad.net/nova/+bug/962515 | x_refsource_MISC | |
| http://lwn.net/Alerts/491298/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T19:01:02.665Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[Openstack] 20120329 [OSSA 2012-003] Long server names grow nova-api log files significantly (CVE-2012-1585)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/962515", }, { name: "FEDORA-2012-5026", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lwn.net/Alerts/491298/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2012-08-17T00:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[Openstack] 20120329 [OSSA 2012-003] Long server names grow nova-api log files significantly (CVE-2012-1585)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.launchpad.net/nova/+bug/962515", }, { name: "FEDORA-2012-5026", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lwn.net/Alerts/491298/", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-1585", datePublished: "2012-08-17T00:00:00Z", dateReserved: "2012-03-12T00:00:00Z", dateUpdated: "2024-08-06T19:01:02.665Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-0259 (GCVE-0-2015-0259)
Vulnerability from cvelistv5
Published
2015-04-01 14:00
Modified
2024-08-06 04:03
Severity ?
EPSS score ?
Summary
OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2015-0844.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-0790.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-0843.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.launchpad.net/nova/+bug/1409142 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:03:10.856Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[openstack-announce] 20150313 [OSSA 2015-005] Nova console Cross-Site WebSocket hijacking (CVE-2015-0259)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html", }, { name: "RHSA-2015:0844", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { name: "RHSA-2015:0790", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0790.html", }, { name: "RHSA-2015:0843", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1409142", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-13T00:00:00", descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-04-28T16:57:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[openstack-announce] 20150313 [OSSA 2015-005] Nova console Cross-Site WebSocket hijacking (CVE-2015-0259)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html", }, { name: "RHSA-2015:0844", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { name: "RHSA-2015:0790", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0790.html", }, { name: "RHSA-2015:0843", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1409142", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-0259", datePublished: "2015-04-01T14:00:00", dateReserved: "2014-11-18T00:00:00", dateUpdated: "2024-08-06T04:03:10.856Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-7048 (GCVE-0-2013-7048)
Vulnerability from cvelistv5
Published
2014-01-23 21:00
Modified
2024-08-06 17:53
Severity ?
EPSS score ?
Summary
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.launchpad.net/nova/+bug/1227027 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2014-0231.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2014/01/13/2 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:53:45.862Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1227027", }, { name: "RHSA-2014:0231", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0231.html", }, { name: "[oss-security] 20140113 [OSSA 2014-001] Nova live snapshots use an insecure local directory (CVE-2013-7048)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/01/13/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-09-18T00:00:00", descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-03-06T14:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1227027", }, { name: "RHSA-2014:0231", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0231.html", }, { name: "[oss-security] 20140113 [OSSA 2014-001] Nova live snapshots use an insecure local directory (CVE-2013-7048)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/01/13/2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2013-7048", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.launchpad.net/nova/+bug/1227027", refsource: "CONFIRM", url: "https://bugs.launchpad.net/nova/+bug/1227027", }, { name: "RHSA-2014:0231", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-0231.html", }, { name: "[oss-security] 20140113 [OSSA 2014-001] Nova live snapshots use an insecure local directory (CVE-2013-7048)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/01/13/2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2013-7048", datePublished: "2014-01-23T21:00:00", dateReserved: "2013-12-11T00:00:00", dateUpdated: "2024-08-06T17:53:45.862Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-3654 (GCVE-0-2021-3654)
Vulnerability from cvelistv5
Published
2022-03-02 00:00
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | openstack-nova |
Version: Affects - Nova: <21.2.3, >=22.0.0 <22.2.3, >=23.0.0 <23.0.3 | Fixed-In 21.2.3, 22.3.0, and 23.1.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:01:07.959Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2021-002.html", }, { tags: [ "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1927677", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2021/07/29/2", }, { tags: [ "x_transferred", ], url: "https://bugs.python.org/issue32084", }, { tags: [ "x_transferred", ], url: "https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66", }, { tags: [ "x_transferred", ], url: "https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1961439", }, { name: "GLSA-202305-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202305-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "openstack-nova", vendor: "n/a", versions: [ { status: "affected", version: "Affects - Nova: <21.2.3, >=22.0.0 <22.2.3, >=23.0.0 <23.0.3 | Fixed-In 21.2.3, 22.3.0, and 23.1.0", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-03T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://security.openstack.org/ossa/OSSA-2021-002.html", }, { url: "https://bugs.launchpad.net/nova/+bug/1927677", }, { url: "https://www.openwall.com/lists/oss-security/2021/07/29/2", }, { url: "https://bugs.python.org/issue32084", }, { url: "https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66", }, { url: "https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=1961439", }, { name: "GLSA-202305-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202305-02", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3654", datePublished: "2022-03-02T00:00:00", dateReserved: "2021-07-20T00:00:00", dateUpdated: "2024-08-03T17:01:07.959Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2011-4076 (GCVE-0-2011-4076)
Vulnerability from cvelistv5
Published
2019-11-26 03:53
Modified
2024-08-06 23:53
Severity ?
EPSS score ?
Summary
OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2011-4076 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4076 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/cve-2011-4076 | x_refsource_MISC | |
| https://bugs.launchpad.net/nova/+bug/868360 | x_refsource_MISC | |
| https://www.openwall.com/lists/oss-security/2011/10/25/4 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T23:53:32.881Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2011-4076", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4076", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2011-4076", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/868360", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2011/10/25/4", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "nova", vendor: "nova", versions: [ { status: "affected", version: "2014.1.3-11", }, ], }, ], descriptions: [ { lang: "en", value: "OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY.", }, ], problemTypes: [ { descriptions: [ { description: "Other", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-26T03:53:58", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://security-tracker.debian.org/tracker/CVE-2011-4076", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4076", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/cve-2011-4076", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.launchpad.net/nova/+bug/868360", }, { tags: [ "x_refsource_MISC", ], url: "https://www.openwall.com/lists/oss-security/2011/10/25/4", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2011-4076", datePublished: "2019-11-26T03:53:58", dateReserved: "2011-10-18T00:00:00", dateUpdated: "2024-08-06T23:53:32.881Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-18191 (GCVE-0-2017-18191)
Vulnerability from cvelistv5
Published
2018-02-19 17:00
Modified
2024-08-05 21:13
Severity ?
EPSS score ?
Summary
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/103104 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2018:2714 | vendor-advisory, x_refsource_REDHAT | |
| https://review.openstack.org/539893 | x_refsource_CONFIRM | |
| http://openwall.com/lists/oss-security/2018/04/20/3 | x_refsource_MISC | |
| https://security.openstack.org/ossa/OSSA-2018-001.html | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2018:2332 | vendor-advisory, x_refsource_REDHAT | |
| https://launchpad.net/bugs/1739593 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2018:2855 | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T21:13:49.181Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "103104", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/103104", }, { name: "RHSA-2018:2714", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2714", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://review.openstack.org/539893", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2018/04/20/3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2018-001.html", }, { name: "RHSA-2018:2332", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2332", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://launchpad.net/bugs/1739593", }, { name: "RHSA-2018:2855", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2855", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-02-19T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-03T09:57:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "103104", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/103104", }, { name: "RHSA-2018:2714", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2714", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://review.openstack.org/539893", }, { tags: [ "x_refsource_MISC", ], url: "http://openwall.com/lists/oss-security/2018/04/20/3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2018-001.html", }, { name: "RHSA-2018:2332", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2332", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://launchpad.net/bugs/1739593", }, { name: "RHSA-2018:2855", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2855", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-18191", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "103104", refsource: "BID", url: "http://www.securityfocus.com/bid/103104", }, { name: "RHSA-2018:2714", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2714", }, { name: "https://review.openstack.org/539893", refsource: "CONFIRM", url: "https://review.openstack.org/539893", }, { name: "http://openwall.com/lists/oss-security/2018/04/20/3", refsource: "MISC", url: "http://openwall.com/lists/oss-security/2018/04/20/3", }, { name: "https://security.openstack.org/ossa/OSSA-2018-001.html", refsource: "CONFIRM", url: "https://security.openstack.org/ossa/OSSA-2018-001.html", }, { name: "RHSA-2018:2332", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2332", }, { name: "https://launchpad.net/bugs/1739593", refsource: "CONFIRM", url: "https://launchpad.net/bugs/1739593", }, { name: "RHSA-2018:2855", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2855", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-18191", datePublished: "2018-02-19T17:00:00", dateReserved: "2018-02-19T00:00:00", dateUpdated: "2024-08-05T21:13:49.181Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-8749 (GCVE-0-2015-8749)
Vulnerability from cvelistv5
Published
2016-01-15 19:00
Modified
2024-08-06 08:29
Severity ?
EPSS score ?
Summary
The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/01/07/9 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/80189 | vdb-entry, x_refsource_BID | |
| https://security.openstack.org/ossa/OSSA-2016-002.html | x_refsource_CONFIRM | |
| https://bugs.launchpad.net/nova/+bug/1516765 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2016/01/07/8 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:29:21.589Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20160107 Re: CVE request for vulnerability in OpenStack Nova", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/01/07/9", }, { name: "80189", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/80189", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2016-002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1516765", }, { name: "[oss-security] 20160107 CVE request for vulnerability in OpenStack Nova", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/01/07/8", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-07T00:00:00", descriptions: [ { lang: "en", value: "The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20160107 Re: CVE request for vulnerability in OpenStack Nova", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/01/07/9", }, { name: "80189", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/80189", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2016-002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1516765", }, { name: "[oss-security] 20160107 CVE request for vulnerability in OpenStack Nova", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/01/07/8", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-8749", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20160107 Re: CVE request for vulnerability in OpenStack Nova", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/01/07/9", }, { name: "80189", refsource: "BID", url: "http://www.securityfocus.com/bid/80189", }, { name: "https://security.openstack.org/ossa/OSSA-2016-002.html", refsource: "CONFIRM", url: "https://security.openstack.org/ossa/OSSA-2016-002.html", }, { name: "https://bugs.launchpad.net/nova/+bug/1516765", refsource: "CONFIRM", url: "https://bugs.launchpad.net/nova/+bug/1516765", }, { name: "[oss-security] 20160107 CVE request for vulnerability in OpenStack Nova", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2016/01/07/8", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-8749", datePublished: "2016-01-15T19:00:00", dateReserved: "2016-01-07T00:00:00", dateUpdated: "2024-08-06T08:29:21.589Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-7713 (GCVE-0-2015-7713)
Vulnerability from cvelistv5
Published
2015-10-29 20:00
Modified
2024-08-06 07:58
Severity ?
EPSS score ?
Summary
OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/76960 | vdb-entry, x_refsource_BID | |
| https://bugs.launchpad.net/nova/+bug/1491307 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2015:2673 | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.launchpad.net/nova/+bug/1492961 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-2684.html | vendor-advisory, x_refsource_REDHAT | |
| https://security.openstack.org/ossa/OSSA-2015-021.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:58:59.895Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "76960", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/76960", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1491307", }, { name: "RHSA-2015:2673", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2015:2673", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1492961", }, { name: "RHSA-2015:2684", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2684.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2015-021.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-10-06T00:00:00", descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-05T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "76960", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/76960", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1491307", }, { name: "RHSA-2015:2673", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2015:2673", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1492961", }, { name: "RHSA-2015:2684", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2684.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2015-021.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-7713", datePublished: "2015-10-29T20:00:00", dateReserved: "2015-10-06T00:00:00", dateUpdated: "2024-08-06T07:58:59.895Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2012-0030 (GCVE-0-2012-0030)
Vulnerability from cvelistv5
Published
2012-01-13 18:00
Modified
2024-08-06 18:09
Severity ?
EPSS score ?
Summary
Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/72296 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/47543 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ubuntu.com/usn/USN-1326-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://github.com/openstack/nova/commit/3d4ffb64f1e18117240c26809788528979e3bd15#diff-0 | x_refsource_CONFIRM | |
| https://lists.launchpad.net/openstack/msg06648.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/51370 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T18:09:17.303Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "nova-security-bypass(72296)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/72296", }, { name: "47543", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/47543", }, { name: "USN-1326-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1326-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/openstack/nova/commit/3d4ffb64f1e18117240c26809788528979e3bd15#diff-0", }, { name: "[openstack] 20120111 [OSSA 2012-001] Tenant bypass by authenticated users using OpenStack API (CVE-2012-0030)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.launchpad.net/openstack/msg06648.html", }, { name: "51370", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/51370", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-01-11T00:00:00", descriptions: [ { lang: "en", value: "Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "nova-security-bypass(72296)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/72296", }, { name: "47543", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/47543", }, { name: "USN-1326-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1326-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/openstack/nova/commit/3d4ffb64f1e18117240c26809788528979e3bd15#diff-0", }, { name: "[openstack] 20120111 [OSSA 2012-001] Tenant bypass by authenticated users using OpenStack API (CVE-2012-0030)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.launchpad.net/openstack/msg06648.html", }, { name: "51370", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/51370", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-0030", datePublished: "2012-01-13T18:00:00", dateReserved: "2011-12-07T00:00:00", dateUpdated: "2024-08-06T18:09:17.303Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-37394 (GCVE-0-2022-37394)
Vulnerability from cvelistv5
Published
2022-08-03 06:43
Modified
2024-08-03 10:29
Severity ?
EPSS score ?
Summary
An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.launchpad.net/ossa/+bug/1981813 | x_refsource_MISC | |
| https://review.opendev.org/c/openstack/nova/+/849985 | x_refsource_MISC | |
| https://review.opendev.org/c/openstack/nova/+/850003 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:29:20.965Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.launchpad.net/ossa/+bug/1981813", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://review.opendev.org/c/openstack/nova/+/849985", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://review.opendev.org/c/openstack/nova/+/850003", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-03T06:43:44", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.launchpad.net/ossa/+bug/1981813", }, { tags: [ "x_refsource_MISC", ], url: "https://review.opendev.org/c/openstack/nova/+/849985", }, { tags: [ "x_refsource_MISC", ], url: "https://review.opendev.org/c/openstack/nova/+/850003", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-37394", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.launchpad.net/ossa/+bug/1981813", refsource: "MISC", url: "https://bugs.launchpad.net/ossa/+bug/1981813", }, { name: "https://review.opendev.org/c/openstack/nova/+/849985", refsource: "MISC", url: "https://review.opendev.org/c/openstack/nova/+/849985", }, { name: "https://review.opendev.org/c/openstack/nova/+/850003", refsource: "MISC", url: "https://review.opendev.org/c/openstack/nova/+/850003", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-37394", datePublished: "2022-08-03T06:43:44", dateReserved: "2022-08-03T00:00:00", dateUpdated: "2024-08-03T10:29:20.965Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-8333 (GCVE-0-2014-8333)
Vulnerability from cvelistv5
Published
2014-10-31 14:00
Modified
2024-08-06 13:18
Severity ?
EPSS score ?
Summary
The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/60531 | third-party-advisory, x_refsource_SECUNIA | |
| https://bugs.launchpad.net/nova/+bug/1359138 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-0844.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2015-0843.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:18:46.441Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "60531", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60531", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1359138", }, { name: "RHSA-2015:0844", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { name: "[openstack-announce] 20141021 [OSSA 2014-037] Nova VMware instance in resize state may leak (CVE-2014-8333)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html", }, { name: "RHSA-2015:0843", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-09-05T00:00:00", descriptions: [ { lang: "en", value: "The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-04-28T16:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "60531", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60531", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1359138", }, { name: "RHSA-2015:0844", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { name: "[openstack-announce] 20141021 [OSSA 2014-037] Nova VMware instance in resize state may leak (CVE-2014-8333)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html", }, { name: "RHSA-2015:0843", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-8333", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "60531", refsource: "SECUNIA", url: "http://secunia.com/advisories/60531", }, { name: "https://bugs.launchpad.net/nova/+bug/1359138", refsource: "CONFIRM", url: "https://bugs.launchpad.net/nova/+bug/1359138", }, { name: "RHSA-2015:0844", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { name: "[openstack-announce] 20141021 [OSSA 2014-037] Nova VMware instance in resize state may leak (CVE-2014-8333)", refsource: "MLIST", url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html", }, { name: "RHSA-2015:0843", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-8333", datePublished: "2014-10-31T14:00:00", dateReserved: "2014-10-20T00:00:00", dateUpdated: "2024-08-06T13:18:46.441Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2011-4596 (GCVE-0-2011-4596)
Vulnerability from cvelistv5
Published
2011-12-23 22:00
Modified
2024-08-07 00:09
Severity ?
EPSS score ?
Summary
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e | x_refsource_CONFIRM | |
| https://bugs.launchpad.net/nova/+bug/894755 | x_refsource_CONFIRM | |
| https://lists.launchpad.net/openstack/msg06105.html | mailing-list, x_refsource_MLIST | |
| https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6 | x_refsource_CONFIRM | |
| https://bugs.launchpad.net/nova/+bug/885167 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:09:19.335Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/894755", }, { name: "[openstack] 20111213 [OSSA 2011-001] Path traversal issues registering malicious images using EC2 API (CVE-2011-4596)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.launchpad.net/openstack/msg06105.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/885167", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2011-12-23T22:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/894755", }, { name: "[openstack] 20111213 [OSSA 2011-001] Path traversal issues registering malicious images using EC2 API (CVE-2011-4596)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.launchpad.net/openstack/msg06105.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/885167", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2011-4596", datePublished: "2011-12-23T22:00:00Z", dateReserved: "2011-11-29T00:00:00Z", dateUpdated: "2024-08-07T00:09:19.335Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-40767 (GCVE-0-2024-40767)
Vulnerability from cvelistv5
Published
2024-07-24 00:00
Modified
2025-03-19 14:19
Severity ?
EPSS score ?
Summary
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-40767", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-24T14:47:09.000894Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552 Files or Directories Accessible to External Parties", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-19T14:19:41.293Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T04:39:54.912Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.net/bugs/2071734", }, { tags: [ "x_transferred", ], url: "https://security.openstack.org", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2024/07/23/2", }, { tags: [ "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2024-002.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-25T16:41:45.397Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://launchpad.net/bugs/2071734", }, { url: "https://security.openstack.org", }, { url: "https://www.openwall.com/lists/oss-security/2024/07/23/2", }, { url: "https://security.openstack.org/ossa/OSSA-2024-002.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-40767", datePublished: "2024-07-24T00:00:00.000Z", dateReserved: "2024-07-10T00:00:00.000Z", dateUpdated: "2025-03-19T14:19:41.293Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-17376 (GCVE-0-2020-17376)
Vulnerability from cvelistv5
Published
2020-08-26 18:45
Modified
2024-08-04 13:53
Severity ?
EPSS score ?
Summary
An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths as host devices previously referenced by the virtual machine on the source host. This can include block devices that map to different Cinder volumes at the destination than at the source. Only deployments allowing host-based connections (for instance, root and ephemeral devices) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.net/bugs/1890501 | x_refsource_MISC | |
| https://security.openstack.org/ossa/OSSA-2020-006.html | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/08/25/4 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:53:16.983Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.net/bugs/1890501", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2020-006.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/08/25/4", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-25T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths as host devices previously referenced by the virtual machine on the source host. This can include block devices that map to different Cinder volumes at the destination than at the source. Only deployments allowing host-based connections (for instance, root and ephemeral devices) are affected.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-26T18:45:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://launchpad.net/bugs/1890501", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2020-006.html", }, { tags: [ "x_refsource_MISC", ], url: "http://www.openwall.com/lists/oss-security/2020/08/25/4", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-17376", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths as host devices previously referenced by the virtual machine on the source host. This can include block devices that map to different Cinder volumes at the destination than at the source. Only deployments allowing host-based connections (for instance, root and ephemeral devices) are affected.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://launchpad.net/bugs/1890501", refsource: "MISC", url: "https://launchpad.net/bugs/1890501", }, { name: "https://security.openstack.org/ossa/OSSA-2020-006.html", refsource: "CONFIRM", url: "https://security.openstack.org/ossa/OSSA-2020-006.html", }, { name: "http://www.openwall.com/lists/oss-security/2020/08/25/4", refsource: "MISC", url: "http://www.openwall.com/lists/oss-security/2020/08/25/4", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-17376", datePublished: "2020-08-26T18:45:28", dateReserved: "2020-08-07T00:00:00", dateUpdated: "2024-08-04T13:53:16.983Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2012-2101 (GCVE-0-2012-2101)
Vulnerability from cvelistv5
Published
2012-06-07 19:00
Modified
2024-08-06 19:26
Severity ?
EPSS score ?
Summary
Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T19:26:08.143Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7", }, { name: "81641", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/81641", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb", }, { name: "USN-1438-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://ubuntu.com/usn/usn-1438-1", }, { name: "[openstack] 20120419 [OSSA 2012-005] No quota enforced on security group rules", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.launchpad.net/openstack/msg10268.html", }, { name: "nova-quotas-dos(75243)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/75243", }, { name: "FEDORA-2012-6365", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64", }, { name: "FEDORA-2012-6273", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html", }, { name: "49048", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49048", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/969545", }, { name: "49034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49034", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-04-19T00:00:00", descriptions: [ { lang: "en", value: "Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7", }, { name: "81641", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/81641", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb", }, { name: "USN-1438-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://ubuntu.com/usn/usn-1438-1", }, { name: "[openstack] 20120419 [OSSA 2012-005] No quota enforced on security group rules", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.launchpad.net/openstack/msg10268.html", }, { name: "nova-quotas-dos(75243)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/75243", }, { name: "FEDORA-2012-6365", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64", }, { name: "FEDORA-2012-6273", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html", }, { name: "49048", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49048", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/969545", }, { name: "49034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49034", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-2101", datePublished: "2012-06-07T19:00:00", dateReserved: "2012-04-04T00:00:00", dateUpdated: "2024-08-06T19:26:08.143Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-2256 (GCVE-0-2013-2256)
Vulnerability from cvelistv5
Published
2013-09-16 19:00
Modified
2024-08-06 15:27
Severity ?
EPSS score ?
Summary
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-1199.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.launchpad.net/nova/+bug/1194093 | x_refsource_CONFIRM | |
| http://seclists.org/oss-sec/2013/q3/281 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:27:41.073Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2013:1199", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1199.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1194093", }, { name: "[oss-security] 20130806 [OSSA 2013-019] Resource limit circumvention in Nova private flavors (CVE-2013-2256)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2013/q3/281", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-09-16T19:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2013:1199", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1199.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1194093", }, { name: "[oss-security] 20130806 [OSSA 2013-019] Resource limit circumvention in Nova private flavors (CVE-2013-2256)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2013/q3/281", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-2256", datePublished: "2013-09-16T19:00:00Z", dateReserved: "2013-02-19T00:00:00Z", dateUpdated: "2024-08-06T15:27:41.073Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-9543 (GCVE-0-2015-9543)
Vulnerability from cvelistv5
Published
2020-02-19 02:11
Modified
2024-08-06 08:51
Severity ?
EPSS score ?
Summary
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.net/bugs/1492140 | x_refsource_MISC | |
| https://review.opendev.org/220622 | x_refsource_MISC | |
| https://security.openstack.org/ossa/OSSA-2020-001.html | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/02/19/2 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T08:51:05.311Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.net/bugs/1492140", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://review.opendev.org/220622", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2020-001.html", }, { name: "[oss-security] 20200219 [OSSA-2020-001] Nova can leak consoleauth token into log files (CVE-2015-9543)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/02/19/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-19T18:06:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://launchpad.net/bugs/1492140", }, { tags: [ "x_refsource_MISC", ], url: "https://review.opendev.org/220622", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2020-001.html", }, { name: "[oss-security] 20200219 [OSSA-2020-001] Nova can leak consoleauth token into log files (CVE-2015-9543)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/02/19/2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-9543", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://launchpad.net/bugs/1492140", refsource: "MISC", url: "https://launchpad.net/bugs/1492140", }, { name: "https://review.opendev.org/220622", refsource: "MISC", url: "https://review.opendev.org/220622", }, { name: "https://security.openstack.org/ossa/OSSA-2020-001.html", refsource: "CONFIRM", url: "https://security.openstack.org/ossa/OSSA-2020-001.html", }, { name: "[oss-security] 20200219 [OSSA-2020-001] Nova can leak consoleauth token into log files (CVE-2015-9543)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/02/19/2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-9543", datePublished: "2020-02-19T02:11:06", dateReserved: "2020-02-19T00:00:00", dateUpdated: "2024-08-06T08:51:05.311Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2140 (GCVE-0-2016-2140)
Vulnerability from cvelistv5
Published
2016-04-12 14:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.launchpad.net/nova/+bug/1548450 | x_refsource_CONFIRM | |
| https://security.openstack.org/ossa/OSSA-2016-007.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/84277 | vdb-entry, x_refsource_BID | |
| http://www.openwall.com/lists/oss-security/2016/03/08/6 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:17:50.583Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1548450", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2016-007.html", }, { name: "84277", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/84277", }, { name: "[oss-security] 20160308 Re: [OSSA 2016-007] Nova host data leak through resize/migration (CVE-2016-2140)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/03/08/6", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-08T00:00:00", descriptions: [ { lang: "en", value: "The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1548450", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2016-007.html", }, { name: "84277", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/84277", }, { name: "[oss-security] 20160308 Re: [OSSA 2016-007] Nova host data leak through resize/migration (CVE-2016-2140)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/03/08/6", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-2140", datePublished: "2016-04-12T14:00:00", dateReserved: "2016-01-29T00:00:00", dateUpdated: "2024-08-05T23:17:50.583Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-17051 (GCVE-0-2017-17051)
Vulnerability from cvelistv5
Published
2017-12-05 18:00
Modified
2024-08-05 20:43
Severity ?
EPSS score ?
Summary
An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://review.openstack.org/521662 | x_refsource_CONFIRM | |
| https://security.openstack.org/ossa/OSSA-2017-006.html | x_refsource_CONFIRM | |
| https://review.openstack.org/523214 | x_refsource_CONFIRM | |
| https://launchpad.net/bugs/1732976 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/102102 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T20:43:59.804Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://review.openstack.org/521662", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2017-006.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://review.openstack.org/523214", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://launchpad.net/bugs/1732976", }, { name: "102102", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/102102", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-12-05T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-08T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://review.openstack.org/521662", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2017-006.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://review.openstack.org/523214", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://launchpad.net/bugs/1732976", }, { name: "102102", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/102102", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-17051", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://review.openstack.org/521662", refsource: "CONFIRM", url: "https://review.openstack.org/521662", }, { name: "https://security.openstack.org/ossa/OSSA-2017-006.html", refsource: "CONFIRM", url: "https://security.openstack.org/ossa/OSSA-2017-006.html", }, { name: "https://review.openstack.org/523214", refsource: "CONFIRM", url: "https://review.openstack.org/523214", }, { name: "https://launchpad.net/bugs/1732976", refsource: "CONFIRM", url: "https://launchpad.net/bugs/1732976", }, { name: "102102", refsource: "BID", url: "http://www.securityfocus.com/bid/102102", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-17051", datePublished: "2017-12-05T18:00:00", dateReserved: "2017-11-28T00:00:00", dateUpdated: "2024-08-05T20:43:59.804Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-47951 (GCVE-0-2022-47951)
Vulnerability from cvelistv5
Published
2023-01-26 00:00
Modified
2025-03-31 16:49
Severity ?
EPSS score ?
Summary
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:02:36.595Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.net/bugs/1996188", }, { tags: [ "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2023-002.html", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3300-1] glance security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3301-1] cinder security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3302-1] nova security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html", }, { name: "DSA-5336", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5336", }, { name: "DSA-5338", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5338", }, { name: "DSA-5337", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5337", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47951", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-31T16:49:04.998803Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-31T16:49:31.493Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-02T00:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://launchpad.net/bugs/1996188", }, { url: "https://security.openstack.org/ossa/OSSA-2023-002.html", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3300-1] glance security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3301-1] cinder security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3302-1] nova security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html", }, { name: "DSA-5336", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5336", }, { name: "DSA-5338", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5338", }, { name: "DSA-5337", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5337", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-47951", datePublished: "2023-01-26T00:00:00.000Z", dateReserved: "2022-12-24T00:00:00.000Z", dateUpdated: "2025-03-31T16:49:31.493Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-7230 (GCVE-0-2014-7230)
Vulnerability from cvelistv5
Published
2014-10-08 19:00
Modified
2024-08-06 12:40
Severity ?
EPSS score ?
Summary
The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/oss-sec/2014/q3/853 | mailing-list, x_refsource_MLIST | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/96725 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/70185 | vdb-entry, x_refsource_BID | |
| https://bugs.launchpad.net/oslo-incubator/+bug/1343604 | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2014-1939.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.ubuntu.com/usn/USN-2405-1 | vendor-advisory, x_refsource_UBUNTU |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T12:40:19.269Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20140929 Re: CVE request for vulnerability in OpenStack Cinder, Nova and Trove", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q3/853", }, { name: "openstack-cinder-cve20147230-info-disc(96725)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96725", }, { name: "70185", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/70185", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/oslo-incubator/+bug/1343604", }, { name: "RHSA-2014:1939", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { name: "USN-2405-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2405-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-07-22T00:00:00", descriptions: [ { lang: "en", value: "The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-07T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20140929 Re: CVE request for vulnerability in OpenStack Cinder, Nova and Trove", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q3/853", }, { name: "openstack-cinder-cve20147230-info-disc(96725)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96725", }, { name: "70185", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/70185", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/oslo-incubator/+bug/1343604", }, { name: "RHSA-2014:1939", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { name: "USN-2405-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2405-1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-7230", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20140929 Re: CVE request for vulnerability in OpenStack Cinder, Nova and Trove", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q3/853", }, { name: "openstack-cinder-cve20147230-info-disc(96725)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96725", }, { name: "70185", refsource: "BID", url: "http://www.securityfocus.com/bid/70185", }, { name: "https://bugs.launchpad.net/oslo-incubator/+bug/1343604", refsource: "CONFIRM", url: "https://bugs.launchpad.net/oslo-incubator/+bug/1343604", }, { name: "RHSA-2014:1939", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { name: "USN-2405-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2405-1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-7230", datePublished: "2014-10-08T19:00:00", dateReserved: "2014-09-29T00:00:00", dateUpdated: "2024-08-06T12:40:19.269Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-16239 (GCVE-0-2017-16239)
Vulnerability from cvelistv5
Published
2017-11-14 17:00
Modified
2024-08-05 20:20
Severity ?
EPSS score ?
Summary
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/101950 | vdb-entry, x_refsource_BID | |
| https://access.redhat.com/errata/RHSA-2018:0369 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:0241 | vendor-advisory, x_refsource_REDHAT | |
| https://www.debian.org/security/2017/dsa-4056 | vendor-advisory, x_refsource_DEBIAN | |
| https://launchpad.net/bugs/1664931 | x_refsource_CONFIRM | |
| https://security.openstack.org/ossa/OSSA-2017-005.html | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2018:0314 | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T20:20:05.208Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "101950", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/101950", }, { name: "RHSA-2018:0369", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:0369", }, { name: "RHSA-2018:0241", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:0241", }, { name: "DSA-4056", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2017/dsa-4056", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://launchpad.net/bugs/1664931", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2017-005.html", }, { name: "RHSA-2018:0314", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:0314", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-11-14T00:00:00", descriptions: [ { lang: "en", value: "In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-02-28T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "101950", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/101950", }, { name: "RHSA-2018:0369", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:0369", }, { name: "RHSA-2018:0241", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:0241", }, { name: "DSA-4056", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2017/dsa-4056", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://launchpad.net/bugs/1664931", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2017-005.html", }, { name: "RHSA-2018:0314", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:0314", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-16239", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "101950", refsource: "BID", url: "http://www.securityfocus.com/bid/101950", }, { name: "RHSA-2018:0369", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0369", }, { name: "RHSA-2018:0241", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0241", }, { name: "DSA-4056", refsource: "DEBIAN", url: "https://www.debian.org/security/2017/dsa-4056", }, { name: "https://launchpad.net/bugs/1664931", refsource: "CONFIRM", url: "https://launchpad.net/bugs/1664931", }, { name: "https://security.openstack.org/ossa/OSSA-2017-005.html", refsource: "CONFIRM", url: "https://security.openstack.org/ossa/OSSA-2017-005.html", }, { name: "RHSA-2018:0314", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0314", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-16239", datePublished: "2017-11-14T17:00:00", dateReserved: "2017-10-31T00:00:00", dateUpdated: "2024-08-05T20:20:05.208Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-3608 (GCVE-0-2014-3608)
Vulnerability from cvelistv5
Published
2014-10-06 14:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2014-1782.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2014-1781.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.launchpad.net/nova/+bug/1338830 | x_refsource_CONFIRM | |
| http://seclists.org/oss-sec/2014/q4/65 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/70220 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:50:17.772Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2014:1782", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1782.html", }, { name: "RHSA-2014:1781", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1781.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1338830", }, { name: "[oss-security] 20141002 [OSSA 2014-032] Nova VMware driver still leaks rescued images (CVE-2014-3608)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q4/65", }, { name: "70220", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/70220", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-10-02T00:00:00", descriptions: [ { lang: "en", value: "The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2014:1782", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1782.html", }, { name: "RHSA-2014:1781", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1781.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1338830", }, { name: "[oss-security] 20141002 [OSSA 2014-032] Nova VMware driver still leaks rescued images (CVE-2014-3608)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q4/65", }, { name: "70220", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/70220", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3608", datePublished: "2014-10-06T14:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:50:17.772Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-14433 (GCVE-0-2019-14433)
Vulnerability from cvelistv5
Published
2019-08-09 18:21
Modified
2024-08-05 00:19
Severity ?
EPSS score ?
Summary
An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.net/bugs/1837877 | x_refsource_MISC | |
| https://security.openstack.org/ossa/OSSA-2019-003.html | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2019/08/06/6 | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/4104-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2019:2631 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2622 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2019:2652 | vendor-advisory, x_refsource_REDHAT | |
| https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:19:41.228Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.net/bugs/1837877", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2019-003.html", }, { name: "[oss-security] 20190806 [OSSA-2019-003] Nova Server Resource Faults Leak External Exception Details (CVE-2019-14433)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/08/06/6", }, { name: "USN-4104-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4104-1/", }, { name: "RHSA-2019:2631", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2631", }, { name: "RHSA-2019:2622", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2622", }, { name: "RHSA-2019:2652", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2652", }, { name: "[debian-lts-announce] 20220915 [SECURITY] [DLA 3109-1] nova security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-15T09:06:10", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://launchpad.net/bugs/1837877", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2019-003.html", }, { name: "[oss-security] 20190806 [OSSA-2019-003] Nova Server Resource Faults Leak External Exception Details (CVE-2019-14433)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/08/06/6", }, { name: "USN-4104-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4104-1/", }, { name: "RHSA-2019:2631", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2631", }, { name: "RHSA-2019:2622", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2622", }, { name: "RHSA-2019:2652", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2652", }, { name: "[debian-lts-announce] 20220915 [SECURITY] [DLA 3109-1] nova security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-14433", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://launchpad.net/bugs/1837877", refsource: "MISC", url: "https://launchpad.net/bugs/1837877", }, { name: "https://security.openstack.org/ossa/OSSA-2019-003.html", refsource: "CONFIRM", url: "https://security.openstack.org/ossa/OSSA-2019-003.html", }, { name: "[oss-security] 20190806 [OSSA-2019-003] Nova Server Resource Faults Leak External Exception Details (CVE-2019-14433)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/08/06/6", }, { name: "USN-4104-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4104-1/", }, { name: "RHSA-2019:2631", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2631", }, { name: "RHSA-2019:2622", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2622", }, { name: "RHSA-2019:2652", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2652", }, { name: "[debian-lts-announce] 20220915 [SECURITY] [DLA 3109-1] nova security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-14433", datePublished: "2019-08-09T18:21:04", dateReserved: "2019-07-29T00:00:00", dateUpdated: "2024-08-05T00:19:41.228Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3280 (GCVE-0-2015-3280)
Vulnerability from cvelistv5
Published
2015-10-26 17:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1898.html | vendor-advisory, x_refsource_REDHAT | |
| https://launchpad.net/bugs/1392527 | x_refsource_CONFIRM | |
| http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/76553 | vdb-entry, x_refsource_BID | |
| https://security.openstack.org/ossa/OSSA-2015-017.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:39:32.083Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1898", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1898.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://launchpad.net/bugs/1392527", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "76553", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/76553", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2015-017.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-09-01T00:00:00", descriptions: [ { lang: "en", value: "OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1898", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1898.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://launchpad.net/bugs/1392527", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "76553", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/76553", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2015-017.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-3280", datePublished: "2015-10-26T17:00:00", dateReserved: "2015-04-10T00:00:00", dateUpdated: "2024-08-06T05:39:32.083Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2012-3447 (GCVE-0-2012-3447)
Vulnerability from cvelistv5
Published
2012-08-20 18:00
Modified
2024-08-06 20:05
Severity ?
EPSS score ?
Summary
virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3361.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/openstack/nova/commit/ce4b2e27be45a85b310237615c47eb53f37bb5f3 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2012/08/07/1 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/54869 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/77539 | vdb-entry, x_refsource_XF | |
| https://review.openstack.org/#/c/10953/ | x_refsource_CONFIRM | |
| https://bugs.launchpad.net/nova/+bug/1031311 | x_refsource_CONFIRM | |
| https://github.com/openstack/nova/commit/d9577ce9f266166a297488445b5b0c93c1ddb368 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=845106 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T20:05:12.578Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/openstack/nova/commit/ce4b2e27be45a85b310237615c47eb53f37bb5f3", }, { name: "[oss-security] 20120807 [OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2012/08/07/1", }, { name: "54869", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/54869", }, { name: "openstack-nova-code-execution(77539)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/77539", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://review.openstack.org/#/c/10953/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1031311", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/openstack/nova/commit/d9577ce9f266166a297488445b5b0c93c1ddb368", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=845106", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-07-31T00:00:00", descriptions: [ { lang: "en", value: "virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3361.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/openstack/nova/commit/ce4b2e27be45a85b310237615c47eb53f37bb5f3", }, { name: "[oss-security] 20120807 [OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2012/08/07/1", }, { name: "54869", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/54869", }, { name: "openstack-nova-code-execution(77539)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/77539", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://review.openstack.org/#/c/10953/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1031311", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/openstack/nova/commit/d9577ce9f266166a297488445b5b0c93c1ddb368", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=845106", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-3447", datePublished: "2012-08-20T18:00:00", dateReserved: "2012-06-14T00:00:00", dateUpdated: "2024-08-06T20:05:12.578Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-7214 (GCVE-0-2017-7214)
Vulnerability from cvelistv5
Published
2017-03-21 18:00
Modified
2024-08-05 15:56
Severity ?
EPSS score ?
Summary
An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2017:1595 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/96998 | vdb-entry, x_refsource_BID | |
| https://launchpad.net/bugs/1673569 | x_refsource_CONFIRM | |
| https://access.redhat.com/errata/RHSA-2017:1508 | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:56:35.974Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2017:1595", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1595", }, { name: "96998", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96998", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://launchpad.net/bugs/1673569", }, { name: "RHSA-2017:1508", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:1508", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-03-21T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "RHSA-2017:1595", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1595", }, { name: "96998", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96998", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://launchpad.net/bugs/1673569", }, { name: "RHSA-2017:1508", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:1508", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-7214", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2017:1595", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1595", }, { name: "96998", refsource: "BID", url: "http://www.securityfocus.com/bid/96998", }, { name: "https://launchpad.net/bugs/1673569", refsource: "CONFIRM", url: "https://launchpad.net/bugs/1673569", }, { name: "RHSA-2017:1508", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:1508", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-7214", datePublished: "2017-03-21T18:00:00", dateReserved: "2017-03-21T00:00:00", dateUpdated: "2024-08-05T15:56:35.974Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-3517 (GCVE-0-2014-3517)
Vulnerability from cvelistv5
Published
2014-08-07 10:00
Modified
2024-08-06 10:43
Severity ?
EPSS score ?
Summary
api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2014/07/17/2 | mailing-list, x_refsource_MLIST | |
| https://bugs.launchpad.net/nova/+bug/1325128 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:43:06.334Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20140717 [OSSA 2014-024] Use of non-constant time comparison operation (CVE-2014-3517)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/07/17/2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1325128", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-07-17T00:00:00", descriptions: [ { lang: "en", value: "api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-08-07T08:57:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20140717 [OSSA 2014-024] Use of non-constant time comparison operation (CVE-2014-3517)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/07/17/2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1325128", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3517", datePublished: "2014-08-07T10:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:43:06.334Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-3241 (GCVE-0-2015-3241)
Vulnerability from cvelistv5
Published
2015-09-08 15:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1723.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/75372 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2015-1898.html | vendor-advisory, x_refsource_REDHAT | |
| https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml | x_refsource_CONFIRM | |
| https://security.openstack.org/ossa/OSSA-2015-015.html | x_refsource_CONFIRM | |
| https://launchpad.net/bugs/1387543 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:39:32.092Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2015:1723", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1723.html", }, { name: "75372", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75372", }, { name: "RHSA-2015:1898", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1898.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2015-015.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://launchpad.net/bugs/1387543", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-08-25T00:00:00", descriptions: [ { lang: "en", value: "OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-01T15:57:02", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2015:1723", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1723.html", }, { name: "75372", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75372", }, { name: "RHSA-2015:1898", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1898.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2015-015.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://launchpad.net/bugs/1387543", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-3241", datePublished: "2015-09-08T15:00:00", dateReserved: "2015-04-10T00:00:00", dateUpdated: "2024-08-06T05:39:32.092Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-32498 (GCVE-0-2024-32498)
Vulnerability from cvelistv5
Published
2024-07-05 00:00
Modified
2024-10-30 19:50
Severity ?
EPSS score ?
Summary
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Cinder and Nova deployments are affected; only Glance deployments with image conversion enabled are affected.
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-32498", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-16T15:32:53.035957Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552 Files or Directories Accessible to External Parties", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-30T19:50:39.398Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-09-13T17:04:46.471Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.net/bugs/2059809", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2024/07/02/2", }, { url: "https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html", }, { url: "http://www.openwall.com/lists/oss-security/2024/07/02/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Cinder and Nova deployments are affected; only Glance deployments with image conversion enabled are affected.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-23T15:16:09.036565", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://launchpad.net/bugs/2059809", }, { name: "[oss-security] 20240702 [OSSA-2024-001] OpenStack Cinder, Glance, Nova: Arbitrary file access through custom QCOW2 external data (CVE-2024-32498)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/07/02/2", }, { url: "https://www.openwall.com/lists/oss-security/2024/07/02/2", }, { url: "https://security.openstack.org/ossa/OSSA-2024-001.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-32498", datePublished: "2024-07-05T00:00:00", dateReserved: "2024-04-15T00:00:00", dateUpdated: "2024-10-30T19:50:39.398Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-0326 (GCVE-0-2013-0326)
Vulnerability from cvelistv5
Published
2019-12-05 16:09
Modified
2024-08-06 14:25
Severity ?
EPSS score ?
Summary
OpenStack nova base images permissions are world readable
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2013-0326 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0326 | x_refsource_MISC | |
| https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-0326 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/cve-2013-0326 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| openstack-nova | openstack-nova |
Version: 3.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:25:09.127Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-0326", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0326", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-0326", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2013-0326", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "openstack-nova", vendor: "openstack-nova", versions: [ { status: "affected", version: "3.0", }, ], }, ], descriptions: [ { lang: "en", value: "OpenStack nova base images permissions are world readable", }, ], problemTypes: [ { descriptions: [ { description: "images permissions world readable", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-05T16:09:35", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-0326", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0326", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-0326", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/cve-2013-0326", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-0326", datePublished: "2019-12-05T16:09:36", dateReserved: "2012-12-06T00:00:00", dateUpdated: "2024-08-06T14:25:09.127Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-5162 (GCVE-0-2015-5162)
Vulnerability from cvelistv5
Published
2016-10-07 14:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.net/bugs/1449062 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/76849 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2017-0153.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2016/10/06/8 | mailing-list, x_refsource_MLIST | |
| http://rhn.redhat.com/errata/RHSA-2016-2923.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2016-2991.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2017-0165.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2017-0156.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2017-0282.html | vendor-advisory, x_refsource_REDHAT |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T06:41:07.567Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://launchpad.net/bugs/1449062", }, { name: "76849", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/76849", }, { name: "RHSA-2017:0153", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0153.html", }, { name: "[oss-security] 20161006 OSSA 2016-012] Malicious qemu-img input may exhaust resources in Cinder, Glance, Nova (CVE-2015-5162)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2016/10/06/8", }, { name: "RHSA-2016:2923", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2923.html", }, { name: "RHSA-2016:2991", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2991.html", }, { name: "RHSA-2017:0165", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0165.html", }, { name: "RHSA-2017:0156", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0156.html", }, { name: "RHSA-2017:0282", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0282.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-06T00:00:00", descriptions: [ { lang: "en", value: "The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-04T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://launchpad.net/bugs/1449062", }, { name: "76849", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/76849", }, { name: "RHSA-2017:0153", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0153.html", }, { name: "[oss-security] 20161006 OSSA 2016-012] Malicious qemu-img input may exhaust resources in Cinder, Glance, Nova (CVE-2015-5162)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2016/10/06/8", }, { name: "RHSA-2016:2923", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2923.html", }, { name: "RHSA-2016:2991", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-2991.html", }, { name: "RHSA-2017:0165", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0165.html", }, { name: "RHSA-2017:0156", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0156.html", }, { name: "RHSA-2017:0282", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0282.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-5162", datePublished: "2016-10-07T14:00:00", dateReserved: "2015-07-01T00:00:00", dateUpdated: "2024-08-06T06:41:07.567Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2013-6437 (GCVE-0-2013-6437)
Vulnerability from cvelistv5
Published
2014-03-06 15:00
Modified
2024-08-06 17:39
Severity ?
EPSS score ?
Summary
The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2014-0231.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html | mailing-list, x_refsource_MLIST | |
| https://bugs.launchpad.net/nova/+bug/1253980 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T17:39:01.271Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2014:0231", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0231.html", }, { name: "[openstack-announce] 20131218 [OSSA 2013-037] Nova compute DoS through ephemeral disk backing files (CVE-2013-6437)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1253980", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-12-18T00:00:00", descriptions: [ { lang: "en", value: "The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-03-06T14:57:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2014:0231", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0231.html", }, { name: "[openstack-announce] 20131218 [OSSA 2013-037] Nova compute DoS through ephemeral disk backing files (CVE-2013-6437)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1253980", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-6437", datePublished: "2014-03-06T15:00:00", dateReserved: "2013-11-04T00:00:00", dateUpdated: "2024-08-06T17:39:01.271Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-7548 (GCVE-0-2015-7548)
Vulnerability from cvelistv5
Published
2016-01-12 19:00
Modified
2024-08-06 07:51
Severity ?
EPSS score ?
Summary
OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/80176 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2016-0018.html | vendor-advisory, x_refsource_REDHAT | |
| https://security.openstack.org/ossa/OSSA-2016-001.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T07:51:28.584Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "80176", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/80176", }, { name: "RHSA-2016:0018", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0018.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.openstack.org/ossa/OSSA-2016-001.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-01-07T00:00:00", descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-02T20:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "80176", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/80176", }, { name: "RHSA-2016:0018", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0018.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.openstack.org/ossa/OSSA-2016-001.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-7548", datePublished: "2016-01-12T19:00:00", dateReserved: "2015-09-29T00:00:00", dateUpdated: "2024-08-06T07:51:28.584Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2011-3147 (GCVE-0-2011-3147)
Vulnerability from cvelistv5
Published
2019-04-22 15:35
Modified
2024-09-16 18:38
Severity ?
EPSS score ?
Summary
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.
References
| ▼ | URL | Tags |
|---|---|---|
| http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T23:22:27.620Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], credits: [ { lang: "en", value: "Scott Moser", }, ], datePublic: "2011-09-20T00:00:00", descriptions: [ { lang: "en", value: "Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.8, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-22T15:35:58", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604", }, ], source: { defect: [ "https://bugs.launchpad.net/nova/%2Bbug/853330", ], discovery: "INTERNAL", }, title: "qcow format could expose host filesystem information", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", DATE_PUBLIC: "2011-09-20T00:00:00.000Z", ID: "CVE-2011-3147", STATE: "PUBLIC", TITLE: "qcow format could expose host filesystem information", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Scott Moser", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.8, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604", refsource: "MISC", url: "http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604", }, ], }, source: { defect: [ "https://bugs.launchpad.net/nova/%2Bbug/853330", ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2011-3147", datePublished: "2019-04-22T15:35:58.896898Z", dateReserved: "2011-08-16T00:00:00", dateUpdated: "2024-09-16T18:38:54.968Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-7231 (GCVE-0-2014-7231)
Vulnerability from cvelistv5
Published
2014-10-08 19:00
Modified
2024-08-06 12:40
Severity ?
EPSS score ?
Summary
The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/oss-sec/2014/q3/853 | mailing-list, x_refsource_MLIST | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/96726 | vdb-entry, x_refsource_XF | |
| http://rhn.redhat.com/errata/RHSA-2014-1939.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.launchpad.net/oslo.utils/+bug/1345233 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/70184 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T12:40:19.265Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20140929 Re: CVE request for vulnerability in OpenStack Cinder, Nova and Trove", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q3/853", }, { name: "openstack-nova-cve20147231-info-disc(96726)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96726", }, { name: "RHSA-2014:1939", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/oslo.utils/+bug/1345233", }, { name: "70184", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/70184", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-07-19T00:00:00", descriptions: [ { lang: "en", value: "The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-07T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20140929 Re: CVE request for vulnerability in OpenStack Cinder, Nova and Trove", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q3/853", }, { name: "openstack-nova-cve20147231-info-disc(96726)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96726", }, { name: "RHSA-2014:1939", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/oslo.utils/+bug/1345233", }, { name: "70184", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/70184", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-7231", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20140929 Re: CVE request for vulnerability in OpenStack Cinder, Nova and Trove", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q3/853", }, { name: "openstack-nova-cve20147231-info-disc(96726)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96726", }, { name: "RHSA-2014:1939", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { name: "https://bugs.launchpad.net/oslo.utils/+bug/1345233", refsource: "CONFIRM", url: "https://bugs.launchpad.net/oslo.utils/+bug/1345233", }, { name: "70184", refsource: "BID", url: "http://www.securityfocus.com/bid/70184", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-7231", datePublished: "2014-10-08T19:00:00", dateReserved: "2014-09-29T00:00:00", dateUpdated: "2024-08-06T12:40:19.265Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-8750 (GCVE-0-2014-8750)
Vulnerability from cvelistv5
Published
2014-10-15 14:00
Modified
2024-08-06 13:26
Severity ?
EPSS score ?
Summary
Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.launchpad.net/nova/+bug/1357372 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/60227 | third-party-advisory, x_refsource_SECUNIA | |
| http://rhn.redhat.com/errata/RHSA-2014-1689.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2014-1782.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2014-1781.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.openwall.com/lists/oss-security/2014/10/14/9 | mailing-list, x_refsource_MLIST | |
| http://lists.openstack.org/pipermail/openstack-announce/2014-October/000293.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/70182 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:26:02.969Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1357372", }, { name: "60227", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60227", }, { name: "RHSA-2014:1689", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1689.html", }, { name: "RHSA-2014:1782", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1782.html", }, { name: "RHSA-2014:1781", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1781.html", }, { name: "[oss-security] 20141014 [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/10/14/9", }, { name: "[openstack-announce] 20141014 [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000293.html", }, { name: "70182", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/70182", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-10-14T00:00:00", descriptions: [ { lang: "en", value: "Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-11-04T14:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1357372", }, { name: "60227", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60227", }, { name: "RHSA-2014:1689", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1689.html", }, { name: "RHSA-2014:1782", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1782.html", }, { name: "RHSA-2014:1781", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1781.html", }, { name: "[oss-security] 20141014 [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/10/14/9", }, { name: "[openstack-announce] 20141014 [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000293.html", }, { name: "70182", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/70182", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-8750", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.launchpad.net/nova/+bug/1357372", refsource: "CONFIRM", url: "https://bugs.launchpad.net/nova/+bug/1357372", }, { name: "60227", refsource: "SECUNIA", url: "http://secunia.com/advisories/60227", }, { name: "RHSA-2014:1689", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1689.html", }, { name: "RHSA-2014:1782", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1782.html", }, { name: "RHSA-2014:1781", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1781.html", }, { name: "[oss-security] 20141014 [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/10/14/9", }, { name: "[openstack-announce] 20141014 [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750)", refsource: "MLIST", url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000293.html", }, { name: "70182", refsource: "BID", url: "http://www.securityfocus.com/bid/70182", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-8750", datePublished: "2014-10-15T14:00:00", dateReserved: "2014-10-13T00:00:00", dateUpdated: "2024-08-06T13:26:02.969Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2014-3708 (GCVE-0-2014-3708)
Vulnerability from cvelistv5
Published
2014-10-31 14:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/70777 | vdb-entry, x_refsource_BID | |
| http://rhn.redhat.com/errata/RHSA-2015-0844.html | vendor-advisory, x_refsource_REDHAT | |
| http://rhn.redhat.com/errata/RHSA-2015-0843.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugs.launchpad.net/nova/+bug/1358583 | x_refsource_CONFIRM | |
| http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:50:18.332Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "70777", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/70777", }, { name: "RHSA-2015:0844", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { name: "RHSA-2015:0843", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/nova/+bug/1358583", }, { name: "[openstack-announce] 20141028 [OSSA 2014-038] Nova network DoS through API filtering (CVE-2014-3708)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-10-28T00:00:00", descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "70777", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/70777", }, { name: "RHSA-2015:0844", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { name: "RHSA-2015:0843", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/nova/+bug/1358583", }, { name: "[openstack-announce] 20141028 [OSSA 2014-038] Nova network DoS through API filtering (CVE-2014-3708)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-3708", datePublished: "2014-10-31T14:00:00", dateReserved: "2014-05-14T00:00:00", dateUpdated: "2024-08-06T10:50:18.332Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2015-09-08 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "7FD6C19A-8301-4301-814A-62600672BE42", versionEndIncluding: "2014.2.3", versionStartIncluding: "2014.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "67984FCE-EC2A-4176-9D6F-69518BA8C060", versionEndIncluding: "2015.1.1", versionStartIncluding: "2015.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.", }, { lang: "es", value: "Vulnerabilidad en OpenStack Compute (nova) 2015.1 hasta la versión 2015.1.1, 2014.2.3 y anteriores, no detiene el proceso de migración cuando se borra la instancia, lo que permite a usuarios remotos autenticados causar una denegación de servicio (disco, red y otros consumos de memoria) modificando el tamaño y borrándo entonces la instancia.", }, ], id: "CVE-2015-3241", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-09-08T15:59:01.407", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1723.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1898.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75372", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://launchpad.net/bugs/1387543", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2015-015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1723.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1898.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/75372", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://launchpad.net/bugs/1387543", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2015-015.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-24 05:15
Modified
2025-03-19 15:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://launchpad.net/bugs/2071734 | Exploit, Issue Tracking | |
| cve@mitre.org | https://security.openstack.org | Vendor Advisory | |
| cve@mitre.org | https://security.openstack.org/ossa/OSSA-2024-002.html | Vendor Advisory | |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2024/07/23/2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/2071734 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org/ossa/OSSA-2024-002.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2024/07/23/2 | Mailing List |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "D74C8EE9-1EC5-4286-B208-383ED634118F", versionEndExcluding: "27.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "716EDE86-85A2-4CB9-B494-D4F2D08052F3", versionEndExcluding: "28.2.1", versionStartIncluding: "28.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "11E02C0C-E7BD-47D4-BAF9-906CE166CD0B", versionEndExcluding: "29.1.1", versionStartIncluding: "29.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.", }, { lang: "es", value: "En OpenStack Nova anterior a 27.4.1, 28 anterior a 28.2.1 y 29 anterior a 29.1.1, al proporcionar una imagen sin formato que en realidad es una imagen QCOW2 manipulada con una ruta de archivo de respaldo o una imagen plana VMDK con una ruta de archivo descriptiva, se El usuario autenticado puede convencer a los sistemas para que devuelvan una copia del contenido del archivo al que se hace referencia desde el servidor, lo que resulta en un acceso no autorizado a datos potencialmente confidenciales. Todas las implementaciones de Nova se ven afectadas. NOTA: este problema existe debido a una solución incompleta para CVE-2022-47951 y CVE-2024-32498.", }, ], id: "CVE-2024-40767", lastModified: "2025-03-19T15:15:48.103", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-07-24T05:15:12.907", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", ], url: "https://launchpad.net/bugs/2071734", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2024-002.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2024/07/23/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://launchpad.net/bugs/2071734", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2024-002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2024/07/23/2", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-552", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-07 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:cinder:7.0.2:*:*:*:*:*:*:*", matchCriteriaId: "4A52FF5F-8E17-4ADE-86E4-E5840A9C65A7", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:cinder:8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3C5B0AB-0716-42A5-B892-35DFA579DC9E", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:cinder:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "BAF0C010-FA4E-4E7E-AC97-9DE2BE72DFD7", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*", matchCriteriaId: "BD511BE8-7561-4D09-B977-D348B7CD8C33", versionEndIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:glance:11.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2F6791E7-895C-4459-8C7A-9B40BD4F7E42", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:glance:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "1C4D5422-B63A-4B85-BFCC-5793F921B137", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "6B690B6E-9C43-4B81-AFD9-FADC05366CD8", versionEndIncluding: "12.0.3", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BF818F64-06A3-4B6F-84DA-ACA0487D4A87", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image.", }, { lang: "es", value: "El analizador de imagen en OpenStack Cinder 7.0.2 y 8.0.0 hasta la versión 8.1.1; Glance en versiones anteriores a 11.0.1 y 12.0.0; y Nova en versiones anteriores a 12.0.4 y 13.0.0 no limita adecuadamente las llamadas a qemu-img, lo que podría permitir a atacantes provocar una denegación de servicio (consumo de memoria y disco) a través de una imagen de disco manipulada.", }, ], id: "CVE-2015-5162", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-07T14:59:01.520", references: [ { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2923.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2016-2991.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2017-0153.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2017-0156.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2017-0165.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2017-0282.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/10/06/8", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/76849", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://launchpad.net/bugs/1449062", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2923.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2016-2991.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0153.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0156.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0165.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2017-0282.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/10/06/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/76849", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://launchpad.net/bugs/1449062", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-19 03:15
Modified
2024-11-21 02:40
Severity ?
Summary
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2020/02/19/2 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://launchpad.net/bugs/1492140 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://review.opendev.org/220622 | Third Party Advisory | |
| cve@mitre.org | https://security.openstack.org/ossa/OSSA-2020-001.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/02/19/2 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/1492140 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://review.opendev.org/220622 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org/ossa/OSSA-2020-001.html | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "DB53B360-8BD9-4AB5-9874-06B0917DEA95", versionEndExcluding: "18.2.4", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "4264A524-3FFF-42D0-B89E-C17890606C01", versionEndExcluding: "19.1.0", versionStartIncluding: "19.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "20E29FBC-6C14-43F1-93CE-235431088DCC", versionEndExcluding: "20.1.0", versionStartIncluding: "20.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py.", }, { lang: "es", value: "Se detectó un problema en OpenStack Nova versiones anteriores a 18.2.4, versiones 19.x anteriores a 19.1.0 y versiones 20.x anteriores a 20.1.0. Puede filtrar tokens consoleauth en archivos de registro. Un atacante con acceso de lectura a los registros del servicio puede obtener tokens usados para el acceso a la consola. Todas las configuraciones de Nova que usan novncproxy están afectadas. Esto está relacionado con la función NovaProxyRequestHandlerBase.new_websocket_client en el archivo console/websocketproxy.py.", }, ], id: "CVE-2015-9543", lastModified: "2024-11-21T02:40:53.463", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-19T03:15:10.463", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/02/19/2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1492140", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://review.opendev.org/220622", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2020-001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/02/19/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1492140", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://review.opendev.org/220622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2020-001.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-26 04:15
Modified
2024-11-21 01:31
Severity ?
Summary
OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "7A9AC825-A3CA-48E5-A181-2F41D3E1E350", versionEndExcluding: "2012.1", versionStartIncluding: "2010.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY.", }, { lang: "es", value: "OpenStack Nova versiones anteriores a 2012.1, permite a alguien con acceso a una EC2_ACCESS_KEY (equivalente a un nombre de usuario) obtener la EC2_SECRET_KEY (equivalente a una contraseña). Exponer el EC2_ACCESS_KEY por medio de http o herramientas que permiten ataques de tipo man-in-the-middle sobre https podría permitir a un atacante obtener fácilmente el EC2_SECRET_KEY. Un atacante también podría presumir valores por fuerza bruta para EC2_ACCESS_KEY.", }, ], id: "CVE-2011-4076", lastModified: "2024-11-21T01:31:47.983", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-26T04:15:11.137", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2011-4076", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/868360", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4076", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2011-4076", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2011/10/25/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2011-4076", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/868360", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4076", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2011-4076", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2011/10/25/4", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-01-13 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:essex:*:*:*:*:*:*:*:*", matchCriteriaId: "F50B9DA6-B071-4B48-A486-54CB3E64AE58", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2011.3:*:*:*:*:*:*:*", matchCriteriaId: "91787837-B00F-4C62-BCCD-FAAE65563E78", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter.", }, { lang: "es", value: "Nova v2011.3 y Essex, cuando usan la API OpenStack, permite a usuarios remotos autenticados eludir las restricciones de acceso mediante una solicitud con un parámetro URI project_id modificado.", }, ], id: "CVE-2012-0030", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-01-13T18:55:04.157", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/47543", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/51370", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-1326-1", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/72296", }, { source: "secalert@redhat.com", url: "https://github.com/openstack/nova/commit/3d4ffb64f1e18117240c26809788528979e3bd15#diff-0", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://lists.launchpad.net/openstack/msg06648.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/47543", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/51370", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-1326-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/72296", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openstack/nova/commit/3d4ffb64f1e18117240c26809788528979e3bd15#diff-0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://lists.launchpad.net/openstack/msg06648.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-08-17 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lwn.net/Alerts/491298/ | Third Party Advisory | |
| secalert@redhat.com | http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html | Broken Link | |
| secalert@redhat.com | https://bugs.launchpad.net/nova/+bug/962515 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lwn.net/Alerts/491298/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/nova/+bug/962515 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "B9F3DD00-27D4-4C15-929F-96FA18B7293E", versionEndExcluding: "2011.3", versionStartIncluding: "2011.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.", }, { lang: "es", value: "OpenStack Compute (Nova) Essex antes de v2011.3 permite a usuarios remotos autenticados provocar una denegación de servicio (por consumo de disco al actualizar el fichero de log de Nova-API) a través de un nombre de servidor demasiado largo.\r\n", }, ], id: "CVE-2012-1585", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-08-17T00:55:02.017", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lwn.net/Alerts/491298/", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/962515", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lwn.net/Alerts/491298/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/962515", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-06-07 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:2011.3:*:*:*:*:*:*:*", matchCriteriaId: "91787837-B00F-4C62-BCCD-FAAE65563E78", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2012.1:*:*:*:*:*:*:*", matchCriteriaId: "3340EB75-EC5E-431E-87F8-06F967961375", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:folsom:*:*:*:*:*:*:*", matchCriteriaId: "37F07ACC-585B-4890-8447-04F24A45F054", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.", }, { lang: "es", value: "Openstack Compute (Nova) Folsom v2012.1 y v2011.3 no limitan el número de reglas de seguridad del grupo, lo que permite causar una denegación de servicio (excesivo consumo de CPU y de disco duro) a usuarios remotos autenticados con determinados permisos a través de una solicitud de red que provoca una gran número de reglas de iptables.", }, ], id: "CVE-2012-2101", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-06-07T19:55:08.290", references: [ { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/49034", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/49048", }, { source: "secalert@redhat.com", url: "http://ubuntu.com/usn/usn-1438-1", }, { source: "secalert@redhat.com", url: "http://www.osvdb.org/81641", }, { source: "secalert@redhat.com", url: "https://bugs.launchpad.net/nova/+bug/969545", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/75243", }, { source: "secalert@redhat.com", url: "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7", }, { source: "secalert@redhat.com", url: "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb", }, { source: "secalert@redhat.com", url: "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64", }, { source: "secalert@redhat.com", url: "https://lists.launchpad.net/openstack/msg10268.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/49034", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/49048", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ubuntu.com/usn/usn-1438-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/81641", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.launchpad.net/nova/+bug/969545", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/75243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.launchpad.net/openstack/msg10268.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-10-31 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | openstack | 5.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| openstack | nova | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B152EDF3-3140-4343-802F-F4F1C329F5C3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "434482D6-5DD1-456D-BDB4-3B6CF5DB20E8", versionEndExcluding: "2014.1.4", versionStartIncluding: "2014.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.", }, { lang: "es", value: "El controlador VMware en OpenStack Compute (Nova) anterior a 2014.1.4 permite a usuarios remotos autenticados causar una denegación de servicio (consumo de disco) mediante la eliminación de un instancia en el estado resize.", }, ], id: "CVE-2014-8333", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-10-31T14:55:07.907", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { source: "cve@mitre.org", tags: [ "Permissions Required", "Third Party Advisory", ], url: "http://secunia.com/advisories/60531", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1359138", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Third Party Advisory", ], url: "http://secunia.com/advisories/60531", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1359138", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-05 18:29
Modified
2024-11-21 03:17
Severity ?
Summary
An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/102102 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://launchpad.net/bugs/1732976 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://review.openstack.org/521662 | Vendor Advisory | |
| cve@mitre.org | https://review.openstack.org/523214 | Vendor Advisory | |
| cve@mitre.org | https://security.openstack.org/ossa/OSSA-2017-006.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102102 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/1732976 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://review.openstack.org/521662 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://review.openstack.org/523214 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org/ossa/OSSA-2017-006.html | Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:16.0.3:*:*:*:*:*:*:*", matchCriteriaId: "585F4861-2E60-4D7D-8AE4-52B4E58344FB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected.", }, { lang: "es", value: "Se ha descubierto un problema en el FilterScheduler por defecto en OpenStack Nova 16.0.3. Mediante la reconstrucción repetida de una instancia con nuevas imágenes, un usuario autenticado podría consumir recursos no seguidos en un host de hipervisor, lo que conduce a una denegación de servicio (DoS). Esto también se conoce como dobles asignaciones de recursos. Esta regresión fue introducida con el fix para OSSA-2017-005 (CVE-2017-16239); sin embargo, solo las implementaciones Nova stable/pike o siguientes con dicho fix aplicado y dependientes del FilterScheduler se han visto afectadas.", }, ], id: "CVE-2017-17051", lastModified: "2024-11-21T03:17:23.890", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-05T18:29:00.227", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102102", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1732976", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://review.openstack.org/521662", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://review.openstack.org/523214", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2017-006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102102", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1732976", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://review.openstack.org/521662", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://review.openstack.org/523214", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2017-006.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-05 02:15
Modified
2024-11-21 09:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Cinder and Nova deployments are affected; only Glance deployments with image conversion enabled are affected.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*", matchCriteriaId: "15F92D40-6FF4-4B69-8CB7-8738D328C17E", versionEndExcluding: "22.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*", matchCriteriaId: "0586E7A0-93EB-4514-B99B-BE36FF601385", versionEndExcluding: "23.1.1", versionStartIncluding: "23.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:cinder:24.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2A0D5772-9130-4882-B766-6C5FABEB0A15", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*", matchCriteriaId: "7D3430EC-399A-48F4-987D-EB040F0C807E", versionEndExcluding: "26.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*", matchCriteriaId: "A7C6F3A6-1F5A-4515-9BF7-EB5F0C3ABD90", versionEndExcluding: "28.0.2", versionStartIncluding: "28.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:glance:27.0.0:*:*:*:*:*:*:*", matchCriteriaId: "15C95296-C24A-4643-9C3A-66E75AEBD8DC", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "8232EDBD-2E0C-45AE-919A-87736B3F2E5D", versionEndExcluding: "27.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "7BD5E209-E134-4EB1-9D9B-E2B564C4C43A", versionEndExcluding: "28.1.1", versionStartIncluding: "28.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "249930E8-A4FC-484E-A73F-9027B3F2E73C", versionEndExcluding: "29.0.3", versionStartIncluding: "29.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Cinder and Nova deployments are affected; only Glance deployments with image conversion enabled are affected.", }, { lang: "es", value: "Se descubrió un problema en OpenStack Cinder hasta 24.0.0, Glance antes de 28.0.2 y Nova antes de 29.0.3. El acceso arbitrario a archivos puede ocurrir a través de datos externos QCOW2 personalizados. Al proporcionar una imagen QCOW2 manipulada que hace referencia a una ruta de archivo de datos específica, un usuario autenticado puede convencer a los sistemas para que devuelvan una copia del contenido de ese archivo desde el servidor, lo que resulta en un acceso no autorizado a datos potencialmente confidenciales. Todas las implementaciones de Cinder y Nova se ven afectadas; solo se ven afectadas las implementaciones de Glance con la conversión de imágenes habilitada.", }, ], id: "CVE-2024-32498", lastModified: "2024-11-21T09:15:02.123", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-07-05T02:15:09.840", references: [ { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2024/07/02/2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://launchpad.net/bugs/2059809", }, { source: "cve@mitre.org", url: "https://security.openstack.org/ossa/OSSA-2024-001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", ], url: "https://www.openwall.com/lists/oss-security/2024/07/02/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/07/02/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://launchpad.net/bugs/2059809", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2024/09/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", ], url: "https://www.openwall.com/lists/oss-security/2024/07/02/2", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-552", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2011-12-23 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "ADBD6357-A118-4AE8-9510-E81A7700EEEC", versionEndExcluding: "2011.3.1", versionStartIncluding: "2011.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.", }, { lang: "es", value: "Múltiples vulnerabilidades de salto de directorio en OpenStack Nova anterior a v2011.3.1, cuando el EC2 API y el método S3/RegisterImage image-registration están habilitados, cuando está habilitado register_globals, permite que usuarios remotos autenticados sobrescriban archivos arbitrarios a través de una (1) tarball o (2) manifest manipulado.", }, ], id: "CVE-2011-4596", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2011-12-23T22:55:00.990", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/885167", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/894755", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.launchpad.net/openstack/msg06105.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/885167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/894755", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.launchpad.net/openstack/msg06105.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-10-08 19:55
Modified
2025-04-12 10:46
Severity ?
Summary
The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*", matchCriteriaId: "CBC66A4A-2D3E-432A-B642-861B45B4AC35", versionEndExcluding: "2013.2.4", versionStartIncluding: "2013.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*", matchCriteriaId: "895976CB-E362-45E6-872B-B1A060A2E1A0", versionEndExcluding: "2014.1.3", versionStartIncluding: "2014.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "A8D50F1D-BB54-4193-9D5E-3D558C34F897", versionEndExcluding: "2013.2.4", versionStartIncluding: "2013.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "82FE6CB2-DF2F-4BFF-A27B-06FFE3195178", versionEndExcluding: "2014.1.3", versionStartIncluding: "2014.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:trove:*:*:*:*:*:*:*:*", matchCriteriaId: "8EDF6737-0BFE-4958-829D-250745A8742E", versionEndExcluding: "2013.2.4", versionStartIncluding: "2013.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:trove:*:*:*:*:*:*:*:*", matchCriteriaId: "6496CBDF-E0C1-421A-BA81-61E76C972455", versionEndExcluding: "2014.1.3", versionStartIncluding: "2014.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B152EDF3-3140-4343-802F-F4F1C329F5C3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.", }, { lang: "es", value: "La función strutils.mask_password en la libraría de utilidades de OpenStack Oslo, Cinder, Nova, y Trove anterior a 2013.2.4 y 2014.1 anterior a 2014.1.3 no enmasca debidamente contraseñas cuando registra comandos, lo que permite a usuarios locales obtener contraseñas mediante la lectura del registro.", }, ], id: "CVE-2014-7231", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-10-08T19:55:04.500", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q3/853", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70184", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/oslo.utils/+bug/1345233", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96726", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q3/853", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/oslo.utils/+bug/1345233", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96726", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-01-23 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2014-0231.html | Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2014/01/13/2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://bugs.launchpad.net/nova/+bug/1227027 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0231.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/01/13/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/nova/+bug/1227027 | Exploit, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "6083B18B-F1A5-4AE8-A721-125040A352CC", versionEndIncluding: "2013.1.4", versionStartIncluding: "2013.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "86A639C7-CE68-4C6B-B806-4AD701F05F40", versionEndIncluding: "2013.2.1", versionStartIncluding: "2013.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.", }, { lang: "es", value: "OpenStack Compute (Nova) Grizzly 2013.1.4,, La Habana 2013.2.1, y anteriores utilizan con permiso de escritura y lectura universal para el directorio temporal usado para almacenar las instantáneas en vivo (snapshots), lo que permite a usuarios locales leer y modificar instantáneas en vivo (snapshots).", }, ], id: "CVE-2013-7048", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-01-23T21:55:04.977", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0231.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/01/13/2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1227027", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0231.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/01/13/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1227027", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-02-19 17:29
Modified
2024-11-21 03:19
Severity ?
Summary
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "C4941F71-BCC5-4D52-A640-29ECE6A1EC4E", versionEndIncluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "314BD034-893F-42AF-B3A2-C44117AD4E9B", versionEndIncluding: "16.1.1", versionStartIncluding: "16.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", matchCriteriaId: "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*", matchCriteriaId: "4D4AC996-B340-4A14-86F7-FF83B4D5EC8F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.", }, { lang: "es", value: "Se ha descubierto un problema en OpenStack Nova en versiones 15.x hasta la 15.1.0 y 16.x hasta la 16.1.1. Al desconectar y volver a conectar un volumen cifrado, un atacante podría acceder al volumen en bruto subyacente y corromper la cabecera LUKS, resultando en un ataque de denegación de servicio (DoS) en el host de computación. (El mismo código de error resulta en pérdida de datos, pero no se trata de una vulnerabilidad porque el usuario pierde sus propios datos). Todas las configuraciones de Nova que soportan volúmenes cifrados están afectadas.", }, ], id: "CVE-2017-18191", lastModified: "2024-11-21T03:19:31.433", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-02-19T17:29:00.203", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2018/04/20/3", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103104", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2332", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2714", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2855", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1739593", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://review.openstack.org/539893", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2018-001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2018/04/20/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103104", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2332", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1739593", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://review.openstack.org/539893", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2018-001.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-05 17:15
Modified
2024-11-21 01:47
Severity ?
Summary
OpenStack nova base images permissions are world readable
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2013-0326 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0326 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-0326 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2013-0326 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2013-0326 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0326 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-0326 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2013-0326 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openstack | nova | - | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:-:*:*:*:*:*:*:*", matchCriteriaId: "CD4D56E4-FA50-45C5-B723-98CE03C4F884", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack nova base images permissions are world readable", }, { lang: "es", value: "Los permisos de imágenes base de OpenStack nova son de tipo world readable.", }, ], id: "CVE-2013-0326", lastModified: "2024-11-21T01:47:18.737", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-05T17:15:11.827", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2013-0326", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0326", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-0326", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-0326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2013-0326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-0326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-0326", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-10-26 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "8E483493-8EAA-4772-85E6-8F05C8F0C9F4", versionEndExcluding: "2014.2.4", versionStartIncluding: "2014.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "6F2937D9-1DB2-4C70-B5AA-E9E847090F6E", versionEndExcluding: "2015.1.2", versionStartIncluding: "2015.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.", }, { lang: "es", value: "OpenStack Compute (nova) en versiones anteriores a 2014.2.4 (juno) y 2015.1.x en versiones anteriores a 2015.1.2 (kilo) no elimina adecuadamente casos desde los nodos de cómputo, lo que permite a usuarios remotos autenticados provocar una denegación de servicio (consumo del disco) borrando instancias cuando entra en el estado de cambio de tamaño.", }, ], id: "CVE-2015-3280", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-10-26T17:59:03.747", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1898.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76553", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://launchpad.net/bugs/1392527", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2015-017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1898.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76553", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://launchpad.net/bugs/1392527", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2015-017.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-03 07:15
Modified
2024-11-21 07:14
Severity ?
Summary
An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.launchpad.net/ossa/+bug/1981813 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://review.opendev.org/c/openstack/nova/+/849985 | Patch, Third Party Advisory | |
| cve@mitre.org | https://review.opendev.org/c/openstack/nova/+/850003 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ossa/+bug/1981813 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://review.opendev.org/c/openstack/nova/+/849985 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://review.opendev.org/c/openstack/nova/+/850003 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "3C3E7C95-0C37-49D2-9FEC-ADC348D86275", versionEndExcluding: "23.2.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "DDEDE391-A318-42E9-BE11-7E4CE993D9C6", versionEndExcluding: "24.1.2", versionStartIncluding: "24.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "BF944840-5CF2-45C9-8F09-E2003B4E378F", versionEndExcluding: "25.0.2", versionStartIncluding: "25.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.", }, { lang: "es", value: "Se ha detectado un problema en OpenStack Nova versiones anteriores a 23.2.2, 24.x anteriores a 24.1.2 y 25.x anteriores a 25.0.2. Al crear un puerto de neutrones con el vnic_type directo, crear una instancia vinculada a ese puerto y luego cambiar el vnic_type del puerto vinculado a macvtap, un usuario autenticado puede causar que el servicio de computación no sea reiniciado, resultando en una posible denegación de servicio. Sólo están afectadas las implantaciones de Nova configuradas con SR-IOV", }, ], id: "CVE-2022-37394", lastModified: "2024-11-21T07:14:54.783", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-03T07:15:07.757", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.launchpad.net/ossa/+bug/1981813", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://review.opendev.org/c/openstack/nova/+/849985", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://review.opendev.org/c/openstack/nova/+/850003", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://bugs.launchpad.net/ossa/+bug/1981813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://review.opendev.org/c/openstack/nova/+/849985", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://review.opendev.org/c/openstack/nova/+/850003", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-03-06 15:55
Modified
2025-04-12 10:46
Severity ?
Summary
The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html | Patch, Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-0231.html | Third Party Advisory | |
| secalert@redhat.com | https://bugs.launchpad.net/nova/+bug/1253980 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0231.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/nova/+bug/1253980 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "CFD62B8C-D52F-4A31-ABDF-9390182BA803", versionEndExcluding: "2013.1.5", versionStartIncluding: "2013.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "9B2A2CFC-2233-4868-8508-6C513B201DA5", versionEndExcluding: "2013.2.2", versionStartIncluding: "2013.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2014.1:milestone1:*:*:*:*:*:*", matchCriteriaId: "FB6BAFED-3BC9-4B5E-890C-8AA14666E28D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.", }, { lang: "es", value: "El controlador libvirt en OpenStack Compute (Nova) anterior a 2013.2.2 y icehouse anterior a icehouse-2 permite a usuarios remotos autenticados causar una denegación de servicio (consumo de disco) mediante creación y eliminación de instancias con configuraciones os_type únicas, lo que provoca la creación de un archivo de respaldo de disco efímero nuevo.", }, ], id: "CVE-2013-6437", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-03-06T15:55:28.767", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0231.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1253980", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2013-December/000179.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-0231.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1253980", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-04-22 16:29
Modified
2024-11-21 01:29
Severity ?
Summary
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604 | Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "7A9AC825-A3CA-48E5-A181-2F41D3E1E350", versionEndExcluding: "2012.1", versionStartIncluding: "2010.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.", }, { lang: "es", value: "Las versiones de nova anteriores a 2012.1 podrían exponer los archivos de host de hipervisor a un sistema operativo invitado al procesar un sistema de archivos qcow construido de forma maliciosa.", }, ], id: "CVE-2011-3147", lastModified: "2024-11-21T01:29:50.613", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.8, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.1, impactScore: 1.4, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-04-22T16:29:00.350", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-08-20 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3361.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:folsom:*:*:*:*:*:*:*:*", matchCriteriaId: "64EBA4DA-1439-4DCF-812E-C1F932032CD6", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2012.1:*:*:*:*:*:*:*", matchCriteriaId: "3340EB75-EC5E-431E-87F8-06F967961375", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3361.", }, { lang: "es", value: "virt/disk/api.py en OpenStack Compute (Nova) v2012.1.x antes de v2012.1.2 y Folsom antes de Folsom-3 permite a usuarios remotos autenticados sobreescribir archivos de su elección mediante un ataque de enlaces simbólicos en una imagen que utiliza un enlace simbólico que es sólo legible por el usuario root. NOTA: esta vulnerabilidad se debe a un arreglo incompleto para CVE-2012-3361.\r\n", }, ], id: "CVE-2012-3447", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-08-20T18:55:03.293", references: [ { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2012/08/07/1", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/54869", }, { source: "secalert@redhat.com", url: "https://bugs.launchpad.net/nova/+bug/1031311", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=845106", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/77539", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", ], url: "https://github.com/openstack/nova/commit/ce4b2e27be45a85b310237615c47eb53f37bb5f3", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", ], url: "https://github.com/openstack/nova/commit/d9577ce9f266166a297488445b5b0c93c1ddb368", }, { source: "secalert@redhat.com", url: "https://review.openstack.org/#/c/10953/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2012/08/07/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/54869", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.launchpad.net/nova/+bug/1031311", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=845106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/77539", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://github.com/openstack/nova/commit/ce4b2e27be45a85b310237615c47eb53f37bb5f3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://github.com/openstack/nova/commit/d9577ce9f266166a297488445b5b0c93c1ddb368", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://review.openstack.org/#/c/10953/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-08-07 11:13
Modified
2025-04-12 10:46
Severity ?
Summary
api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2014/07/17/2 | Patch, Third Party Advisory | |
| secalert@redhat.com | https://bugs.launchpad.net/nova/+bug/1325128 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/17/2 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/nova/+bug/1325128 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "DA51F598-3F53-4386-9953-8EAE0A6B41F0", versionEndIncluding: "2013.2.4", versionStartIncluding: "2013.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "2D2AC947-3F65-408D-AC2D-A6FCA805EDF2", versionEndExcluding: "2014.1.2", versionStartIncluding: "2014.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2014.2.0:milestone1:*:*:*:*:*:*", matchCriteriaId: "24D7E080-7538-44C9-AF6D-43240967F72E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests.", }, { lang: "es", value: "api/metadata/handler.py en OpenStack Compute (Nova) anterior a 2013.2.4, 2014.x anterior a 2014.1.2 y Juno anterior a Juno-2, cuando redirige las solicitudes de metadatos a través de Neutron, facilita a atacantes remotos adivinar las firmas de ID de instancia a través de un ataque de fuerza bruta que se basa en las diferencias de tiempo en las respuestas a las solicitudes de metadatos de la instancia.", }, ], id: "CVE-2014-3517", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-08-07T11:13:34.967", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/07/17/2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1325128", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/07/17/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1325128", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-15 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "5ACD733B-4598-483E-A4D9-1832A4FF8C0D", versionEndExcluding: "12.0.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "91367215-987B-46AE-A997-016C0BD8BEF3", versionEndExcluding: "2015.1.3", versionStartIncluding: "2015.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.", }, { lang: "es", value: "La función volume_utils._parse_volume_info en OpenStack Compute (Nova) en versiones anteriores a 2015.1.3 (kilo) y 12.0.x en versiones anteriores a 12.0.1 (liberty) incluye el diccionario connection_info en el mensaje StorageError cuando utiliza el backend Xen, lo que permitiría a atacantes obtener información sensible de contraseña leyendo archivos de registro u otros vectores no especificados.", }, ], id: "CVE-2015-8749", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-01-15T19:59:04.133", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/01/07/8", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/01/07/9", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/80189", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1516765", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2016-002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/01/07/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/01/07/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/80189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1516765", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2016-002.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-10-15 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "434482D6-5DD1-456D-BDB4-3B6CF5DB20E8", versionEndExcluding: "2014.1.4", versionStartIncluding: "2014.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2014.2:milestone1:*:*:*:*:*:*", matchCriteriaId: "49119C93-C9F1-4720-A944-8B1438F86CAB", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2014.2:milestone2:*:*:*:*:*:*", matchCriteriaId: "E0F444AD-2319-49A4-B38D-C2B501F4FACD", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2014.2:milestone3:*:*:*:*:*:*", matchCriteriaId: "5667BF57-D552-4AAD-A2E3-93D55925CD75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.", }, { lang: "es", value: "Condición de carrera en el driver de VMware en OpenStack Compute (Nova) anterior a 2014.1.4 y 2014.2 anterior a 2014.2rc1, permite a usuarios remotos autenticados acceder a consolas no intencionadas, mediante una instancia que desencadena que el mismo puerto VNC sea asignado a dos instancias diferentes.", }, ], id: "CVE-2014-8750", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-10-15T14:55:09.637", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000293.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1689.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1781.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1782.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/60227", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/10/14/9", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70182", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1357372", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000293.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1689.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1781.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1782.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/60227", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2014/10/14/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70182", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1357372", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-12 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/03/08/6 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/84277 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugs.launchpad.net/nova/+bug/1548450 | Third Party Advisory | |
| secalert@redhat.com | https://security.openstack.org/ossa/OSSA-2016-007.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/03/08/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84277 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/nova/+bug/1548450 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org/ossa/OSSA-2016-007.html | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "142529AB-F3CF-465C-9CB5-73882DA5F426", versionEndExcluding: "12.0.3", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "5F9CAA05-E091-44E1-A511-BA3BA7B3A11D", versionEndExcluding: "2015.1.4", versionStartIncluding: "2015.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.", }, { lang: "es", value: "El controlador libvirt en OpenStack Compute (Nova) en versiones anteriores a 2015.1.4 (kilo) y 12.0.x en versiones anteriores a 12.0.3 (liberty), cuando usa almacenamiento en bruto y use_cow_images está establecido a false, permite a usuarios remotos autenticados leer archivos arbitrarios a través de una cabecera qcow2 manipulada en un disco efímero o root.", }, ], id: "CVE-2016-2140", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-12T14:59:10.120", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/03/08/6", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/84277", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1548450", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2016-007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2016/03/08/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/84277", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1548450", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2016-007.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-03-21 18:59
Modified
2024-11-21 03:31
Severity ?
Summary
An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/96998 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2017:1508 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2017:1595 | ||
| cve@mitre.org | https://launchpad.net/bugs/1673569 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96998 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1595 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/1673569 | Patch, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BF818F64-06A3-4B6F-84DA-ACA0487D4A87", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:13.1.0:*:*:*:*:*:*:*", matchCriteriaId: "2B647430-A8A7-4ABE-957E-E2B758000948", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:13.1.1:*:*:*:*:*:*:*", matchCriteriaId: "61702707-B600-49EF-8393-8144079C1C81", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:13.1.2:*:*:*:*:*:*:*", matchCriteriaId: "AC9C11ED-9F06-4CEA-9808-36E3FF064E7A", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:13.1.3:*:*:*:*:*:*:*", matchCriteriaId: "6FC1CEF3-886E-4E6A-84BD-0991CF071173", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:14.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C9A79A-8C56-4951-B420-D5969E637299", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:14.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6D2AE2C0-2B2C-46BA-A013-FC6CAB05A747", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:14.0.2:*:*:*:*:*:*:*", matchCriteriaId: "E7F1818F-AC8D-4E7C-AFB3-1DC93C5D0C43", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:14.0.3:*:*:*:*:*:*:*", matchCriteriaId: "28DAA045-F5D4-4FB7-BAD3-1E390BA0DE91", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:14.0.4:*:*:*:*:*:*:*", matchCriteriaId: "B1D1B42F-2EEB-40AD-8BF4-1C67AF850C32", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.0:*:*:*:*:*:*:*", matchCriteriaId: "86CACA5B-1C6D-4048-B744-D14B00BFEAA0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.1:*:*:*:*:*:*:*", matchCriteriaId: "4675B0D5-9944-4F0A-9FBC-8C1A3AE6E82B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.", }, { lang: "es", value: "Un problema ha sido descubierto en exception_wrapper.py en OpenStack Nova 13.x en versiones hasta 13.1.3, 14.x en versiones hasta 14.0.4 y 15.x en versiones hasta 15.0.1. Los contextos de legado excepción de notificación que aparecen en los registros de nivel de ERROR pueden incluir información confidencial como contraseñas de cuenta y tokens de autorización.", }, ], id: "CVE-2017-7214", lastModified: "2024-11-21T03:31:23.147", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-03-21T18:59:00.167", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96998", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2017:1508", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2017:1595", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1673569", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96998", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:1508", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:1595", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1673569", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-26 22:15
Modified
2025-03-31 17:15
Severity ?
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Summary
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*", matchCriteriaId: "531CEC59-C89D-4416-AC92-D92CBA2F32C3", versionEndIncluding: "19.1.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*", matchCriteriaId: "3636C648-FC6C-44AC-84AD-EF836210DAD5", versionEndExcluding: "20.0.2", versionStartIncluding: "20.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*", matchCriteriaId: "0634A511-6250-48F5-9092-37CB34260C55", versionEndExcluding: "23.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*", matchCriteriaId: "DE562E53-F529-4A1E-A3E5-82D001D13D6D", versionEndExcluding: "24.1.1", versionStartIncluding: "24.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "88600959-29B0-48E9-B9AC-BF68F09D5934", versionEndExcluding: "24.1.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "BF944840-5CF2-45C9-8F09-E2003B4E378F", versionEndExcluding: "25.0.2", versionStartIncluding: "25.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.", }, { lang: "es", value: "Se descubrió un problema en OpenStack Cinder antes de 19.1.2, 20.x antes de 20.0.2 y 21.0.0; Vistazo antes de 23.0.1, 24.x antes de 24.1.1 y 25.0.0; y Nova antes de 24.1.2, 25.x antes de 25.0.2 y 26.0.0. Al proporcionar una imagen plana VMDK especialmente creada que hace referencia a una ruta de archivo de respaldo específica, un usuario autenticado puede convencer a los sistemas para que devuelvan una copia del contenido de ese archivo desde el servidor, lo que resulta en un acceso no autorizado a datos potencialmente confidenciales.", }, ], id: "CVE-2022-47951", lastModified: "2025-03-31T17:15:39.117", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-01-26T22:15:25.823", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1996188", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2023-002.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5336", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5337", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5338", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1996188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2023-002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5336", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5337", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2023/dsa-5338", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2014-10-08 19:55
Modified
2025-04-12 10:46
Severity ?
Summary
The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*", matchCriteriaId: "CBC66A4A-2D3E-432A-B642-861B45B4AC35", versionEndExcluding: "2013.2.4", versionStartIncluding: "2013.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*", matchCriteriaId: "895976CB-E362-45E6-872B-B1A060A2E1A0", versionEndExcluding: "2014.1.3", versionStartIncluding: "2014.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "A8D50F1D-BB54-4193-9D5E-3D558C34F897", versionEndExcluding: "2013.2.4", versionStartIncluding: "2013.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "82FE6CB2-DF2F-4BFF-A27B-06FFE3195178", versionEndExcluding: "2014.1.3", versionStartIncluding: "2014.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:trove:*:*:*:*:*:*:*:*", matchCriteriaId: "8EDF6737-0BFE-4958-829D-250745A8742E", versionEndExcluding: "2013.2.4", versionStartIncluding: "2013.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:trove:*:*:*:*:*:*:*:*", matchCriteriaId: "6496CBDF-E0C1-421A-BA81-61E76C972455", versionEndExcluding: "2014.1.3", versionStartIncluding: "2014.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B152EDF3-3140-4343-802F-F4F1C329F5C3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.", }, { lang: "es", value: "La función processutils.execute en OpenStack oslo-incubator, Cinder, Nova, y Trove anterior a 2013.2.4 y 2014.1 anterior a 2014.1.3 permite a usuarios locales obtener contraseñas de comandos que causan un error de ejecución de proceso (ProcessExecutionError) mediante la lectura del registro.", }, ], id: "CVE-2014-7230", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-10-08T19:55:04.453", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q3/853", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70185", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2405-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/oslo-incubator/+bug/1343604", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96725", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1939.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q3/853", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70185", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2405-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/oslo-incubator/+bug/1343604", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/96725", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-01 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "434482D6-5DD1-456D-BDB4-3B6CF5DB20E8", versionEndExcluding: "2014.1.4", versionStartIncluding: "2014.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "76CC8CDA-CF5E-4550-B03B-7B5473EAF586", versionEndExcluding: "2014.2.3", versionStartIncluding: "2014.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2015.1.0:milestone1:*:*:*:*:*:*", matchCriteriaId: "7E69A3DC-EA7F-4446-9967-C9F9043989E5", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2015.1.0:milestone2:*:*:*:*:*:*", matchCriteriaId: "A5231464-B99C-44DD-9E70-C790EF4DC4D6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage.", }, { lang: "es", value: "OpenStack Compute (Nova) anterior a 2014.1.4, 2014.2.x anterior a 2014.2.3, y kilo anterior a kilo-3 no valida el origen de las solicitudes websocket, lo que permite a atacantes remotos secuestrar la autenticación de usuarios para el acceso a consolas a través de una página web manipulada.", }, ], id: "CVE-2015-0259", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-01T14:59:01.380", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0790.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1409142", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0790.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1409142", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 19:15
Modified
2024-11-21 04:26
Severity ?
Summary
An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openstack | nova | * | |
| openstack | nova | * | |
| openstack | nova | * | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 | |
| redhat | openstack | 10 | |
| redhat | openstack | 13 | |
| redhat | openstack | 14 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "EE0CC5BD-1292-4383-8876-923B39B6C13E", versionEndExcluding: "17.0.12", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "00B28380-65F3-4A6C-B438-60EEB0031DFD", versionEndExcluding: "18.2.2", versionStartIncluding: "18.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "E4998E9A-D90E-4F11-A55D-2F4B6AF5A377", versionEndExcluding: "19.0.2", versionStartIncluding: "19.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", matchCriteriaId: "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", matchCriteriaId: "704CFA1A-953E-4105-BFBE-406034B83DED", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*", matchCriteriaId: "EB7F358B-5E56-41AB-BB8A-23D3CB7A248B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.", }, { lang: "es", value: "Se detectó un problema en OpenStack Nova en versiones anteriores a 17.0.12, versiones 18.x anteriores a 18.2.2, y versiones 19.x anteriores a 19.0.2. Si una petición de la API de un usuario autenticado termina en una condición de fallo debido a una excepción externa, los detalles del entorno subyacente puede ser filtrados en la respuesta, y podrían incluir una configuración confidencial u otros datos.", }, ], id: "CVE-2019-14433", lastModified: "2024-11-21T04:26:44.467", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T19:15:11.577", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/08/06/6", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2622", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2631", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2652", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1837877", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2019-003.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4104-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/08/06/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2631", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1837877", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2019-003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4104-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-209", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-09-16 19:14
Modified
2025-04-11 00:51
Severity ?
Summary
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-1199.html | Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/oss-sec/2013/q3/281 | Mailing List, Patch, Third Party Advisory | |
| secalert@redhat.com | https://bugs.launchpad.net/nova/+bug/1194093 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1199.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2013/q3/281 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/nova/+bug/1194093 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "36A93145-EDD3-4DE9-B30B-214FD2A5B5C7", versionEndExcluding: "2013.1.3", versionStartIncluding: "2013.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:2013.2:milestone1:*:*:*:*:*:*", matchCriteriaId: "8C235C8D-C3CC-47F6-A437-1511E8050496", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.", }, { lang: "es", value: "OpenStack Compute (Nova) anterior a 2013.1.3 y Havana anterior havana-2 no fuerza apropiadamente la propiedad \"os-flavor-access:is_public\" lo que permite a usuarios remotos autenticados obtener información sensible sobre (propiedades flavor) , opciones de arranque y posiblemente otros impactos adivinando el \"flavor id\"", }, ], id: "CVE-2013-2256", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-09-16T19:14:38.037", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1199.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2013/q3/281", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1194093", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-1199.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2013/q3/281", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1194093", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-02 23:15
Modified
2024-11-21 06:22
Severity ?
Summary
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openstack | nova | * | |
| openstack | nova | * | |
| openstack | nova | * | |
| redhat | openstack_platform | 16.1 | |
| redhat | openstack_platform | 16.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "0A99696E-FCFF-4062-8366-DE5A4BAD3D0A", versionEndExcluding: "21.2.3", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "CBF7F6B1-7A2D-42F6-88CC-162AB964F38D", versionEndExcluding: "22.2.3", versionStartIncluding: "22.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "528D1C49-1D96-4D38-B4DF-7B428ACA12CE", versionEndExcluding: "23.0.3", versionStartIncluding: "23.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", matchCriteriaId: "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", matchCriteriaId: "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.", }, { lang: "es", value: "Se ha encontrado una vulnerabilidad en el proxy de consola de openstack-nova, noVNC. Mediante el diseño de una URL maliciosa, noVNC puede ser redirigido a cualquier URL deseada", }, ], id: "CVE-2021-3654", lastModified: "2024-11-21T06:22:04.870", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-02T23:15:08.730", references: [ { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1927677", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://bugs.python.org/issue32084", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1961439", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/202305-02", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2021-002.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/07/29/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1927677", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://bugs.python.org/issue32084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1961439", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/202305-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2021-002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2021/07/29/2", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-01-12 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-0018.html | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/80176 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://security.openstack.org/ossa/OSSA-2016-001.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-0018.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/80176 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org/ossa/OSSA-2016-001.html | Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "5ACD733B-4598-483E-A4D9-1832A4FF8C0D", versionEndExcluding: "12.0.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "91367215-987B-46AE-A997-016C0BD8BEF3", versionEndExcluding: "2015.1.3", versionStartIncluding: "2015.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot.", }, { lang: "es", value: "OpenStack Compute (Nova) en versiones anteriores a 2015.1.3 (kilo) y 12.0.x en versiones anteriores a 12.0.1 (liberty), cuando se utiliza libvirt para producir instancias y use_cow_images se establece en false, permite a usuarios remotos autenticados leer archivos arbitrarios sobrescribiendo una instancia de disco con una imagen manipulada y solicitando una instantánea.", }, ], id: "CVE-2015-7548", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:H/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-01-12T19:59:06.017", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0018.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/80176", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2016-001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/80176", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2016-001.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-26 19:15
Modified
2024-11-21 05:07
Severity ?
Summary
An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths as host devices previously referenced by the virtual machine on the source host. This can include block devices that map to different Cinder volumes at the destination than at the source. Only deployments allowing host-based connections (for instance, root and ephemeral devices) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2020/08/25/4 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://launchpad.net/bugs/1890501 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://security.openstack.org/ossa/OSSA-2020-006.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/08/25/4 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/1890501 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org/ossa/OSSA-2020-006.html | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "9DDF22E2-609B-449C-92C3-15F65182CD1F", versionEndExcluding: "19.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "D3B0003D-FEEE-4C6A-A6F8-FE7AA8470AB7", versionEndExcluding: "20.3.1", versionStartIncluding: "20.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:21.0.0:*:*:*:*:*:*:*", matchCriteriaId: "57ACEF3D-345D-4744-B1EC-441FEF427FA1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths as host devices previously referenced by the virtual machine on the source host. This can include block devices that map to different Cinder volumes at the destination than at the source. Only deployments allowing host-based connections (for instance, root and ephemeral devices) are affected.", }, { lang: "es", value: "Se detectó un problema en la función Guest.migrate en el archivo virt/libvirt/guest.py en OpenStack Nova versiones anteriores a 19.3.1, versiones 20.x anteriores a 20.3.1 y 21.0.0. Al realizar un reinicio suave de una instancia que se ha sometido previamente a una migración en vivo, un usuario puede conseguir acceso a los dispositivos host de destino que comparten las mismas rutas que los dispositivos host a los que la máquina virtual hace referencia anteriormente en el host de origen. Esto puede incluir dispositivos de bloque que se asignan a diferentes volúmenes de Cinder tanto en el destino como en el origen. Solo están afectadas las implementaciones que permiten conexiones basadas en host (por ejemplo, dispositivos root y efímeros)", }, ], id: "CVE-2020-17376", lastModified: "2024-11-21T05:07:58.283", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-26T19:15:14.580", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/08/25/4", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1890501", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2020-006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/08/25/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://launchpad.net/bugs/1890501", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2020-006.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-611", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-10-06 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-1781.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-1782.html | Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/oss-sec/2014/q4/65 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/70220 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugs.launchpad.net/nova/+bug/1338830 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-1781.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-1782.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2014/q4/65 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/70220 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/nova/+bug/1338830 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "DA51F598-3F53-4386-9953-8EAE0A6B41F0", versionEndIncluding: "2013.2.4", versionStartIncluding: "2013.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "82FE6CB2-DF2F-4BFF-A27B-06FFE3195178", versionEndExcluding: "2014.1.3", versionStartIncluding: "2014.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573.", }, { lang: "es", value: "El controlador VMWare en OpenStack Compute (Nova) anterior a 2014.1.3 permite a usuarios remotos autenticados evadir la límite de la cuota y causar una denegación de servicio (consumo de recursos) mediante la colocación del VM en el estado de rescate, su suspensión, lo que entra en un estado de ERROR, y posteriormente la eliminación de la imagen. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-2573.", }, ], id: "CVE-2014-3608", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 2.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-10-06T14:55:09.737", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1781.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1782.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q4/65", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70220", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1338830", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1781.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1782.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q4/65", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1338830", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-10-29 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "8E483493-8EAA-4772-85E6-8F05C8F0C9F4", versionEndExcluding: "2014.2.4", versionStartIncluding: "2014.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "6F2937D9-1DB2-4C70-B5AA-E9E847090F6E", versionEndExcluding: "2015.1.2", versionStartIncluding: "2015.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.", }, { lang: "es", value: "OpenStack Compute (Nova) en versiones anteriores a 2014.2.4 (juno) y 2015.1.x en versiones anteriores a 2015.1.2 (kilo) no aplica correctamente los cambios de grupos de seguridad, lo que permite a atacantes remotos eludir las restricciones previstas mediante el aprovechamiento de una instancia que se estaba ejecutando cuando se hizo el cambio.", }, ], id: "CVE-2015-7713", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-10-29T20:59:09.807", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2684.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76960", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2015:2673", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1491307", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1492961", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2015-021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-2684.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/76960", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2015:2673", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1491307", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1492961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2015-021.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-254", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-10-31 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "434482D6-5DD1-456D-BDB4-3B6CF5DB20E8", versionEndExcluding: "2014.1.4", versionStartIncluding: "2014.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "9FDF6C8E-3478-4A5D-90B2-23C7293BDAC5", versionEndExcluding: "2014.2.1", versionStartIncluding: "2014.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B152EDF3-3140-4343-802F-F4F1C329F5C3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request.", }, { lang: "es", value: "OpenStack Compute (Nova) anterior a 2014.1.4 y 2014.2.x anterior a 2014.2.1 permite a usuarios remotos autenticados causar una denegación de servicio (consumo de CPU) a través de un filtro IP en una solicitud API para listar servidores activos.", }, ], id: "CVE-2014-3708", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-10-31T14:55:03.237", references: [ { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70777", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1358583", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0843.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0844.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70777", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.launchpad.net/nova/+bug/1358583", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-11-14 17:29
Modified
2024-11-21 03:16
Severity ?
Summary
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "B6D59D57-690B-47DB-BABE-C6B3270543D2", versionEndIncluding: "14.0.9", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.0:*:*:*:*:*:*:*", matchCriteriaId: "86CACA5B-1C6D-4048-B744-D14B00BFEAA0", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.1:*:*:*:*:*:*:*", matchCriteriaId: "4675B0D5-9944-4F0A-9FBC-8C1A3AE6E82B", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0ADBCCE8-EFB3-4EC9-9B51-C59CAAA715E4", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.3:*:*:*:*:*:*:*", matchCriteriaId: "41376DB5-5370-45C7-A7E5-1BD00930B2A6", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.4:*:*:*:*:*:*:*", matchCriteriaId: "184DFB6F-F8F1-4CC0-BA4B-23011D6509E7", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.5:*:*:*:*:*:*:*", matchCriteriaId: "FEA03C25-5C3C-45AD-8103-29816334A750", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.6:*:*:*:*:*:*:*", matchCriteriaId: "F61E6431-A221-4AB2-9C7F-DBBC81BF0D28", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:15.0.7:*:*:*:*:*:*:*", matchCriteriaId: "F46668A2-8AC7-4112-A885-D41E615B4FFB", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:16.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F76E3B63-4BE8-4A18-9962-41A4FBAA0B0C", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:16.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0BB93C6E-7AFD-46C5-BBEC-E6FA771808ED", vulnerable: true, }, { criteria: "cpe:2.3:a:openstack:nova:16.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3FB190BC-5442-48E1-881C-944FAF0FB0D2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3.", }, { lang: "es", value: "En OpenStack Nova hasta la versión 14.0.9, 15.x hasta la versión 15.0.7 y 16.x hasta la versión 16.0.2, al reconstrur una instancia, un usuario autenticado podría saltarse el Filter Scheduler omitiendos los filtros impuestos (por ejemplo, ImagePropertiesFilter o IsolatedHostsFilter). Todas las configuraciones que utilizan Nova Filter Scheduler se ven afectadas. Dada la regresión descrita en Launchpad Bug #1732947, la solución preferida es una versión 14.x posterior a la 14.0.10, una 15.x posterior a la 15.0.8 o una versión 16.x posterior a la 16.0.3.", }, ], id: "CVE-2017-16239", lastModified: "2024-11-21T03:16:05.707", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-11-14T17:29:00.290", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/101950", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2018:0241", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2018:0314", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2018:0369", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://launchpad.net/bugs/1664931", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2017-005.html", }, { source: "cve@mitre.org", url: "https://www.debian.org/security/2017/dsa-4056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/101950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:0241", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:0314", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:0369", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://launchpad.net/bugs/1664931", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.openstack.org/ossa/OSSA-2017-005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2017/dsa-4056", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }