RHSA-2015:1862
Vulnerability from csaf_redhat - Published: 2015-10-08 12:05 - Updated: 2025-11-21 17:53Summary
Red Hat Security Advisory: Red Hat Enterprise Linux OpenStack Platform 7 director update
Severity
Moderate
Notes
Topic: Updated packages that fix one security issue, several bugs, and add various
enhancements are now available for Red Hat Enterprise Linux OpenStack
Platform 7.0 director for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details: Red Hat Enterprise Linux OpenStack Platform director provides the
facilities for deploying and monitoring a private or public
infrastructure-as-a-service (IaaS) cloud based on Red Hat Enterprise Linux
OpenStack Platform.
A flaw was discovered in the pipeline ordering of OpenStack Object
Storage's staticweb middleware in the swiftproxy configuration generated
from the openstack-tripleo-heat-templates package (OpenStack director).
The staticweb middleware was incorrectly configured before the Identity
Service, and under some conditions an attacker could use this flaw to gain
unauthenticated access to private data. (CVE-2015-5271)
This issue was discovered by Christian Schwede and Emilien Macchi of
Red Hat.
This update also fixes numerous bugs and adds various enhancements.
Space precludes documenting all of these changes in this advisory.
Users are directed to the Red Hat Enterprise Linux OpenStack Platform 7
Release Notes, linked to in the References section, for information on the
most significant of these changes.
All Red Hat Enterprise Linux OpenStack Platform 7.0 director users are
advised to upgrade to these updated packages, which correct these issues
and add these enhancements.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was discovered in the pipeline ordering of OpenStack Object Storage's staticweb middleware in the swiftproxy configuration generated from the openstack-tripleo-heat-templates package (OpenStack director). The staticweb middleware was incorrectly configured before the Identity Service, and under some conditions an attacker could use this flaw to gain unauthenticated access to private data.
4.3 ()
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2015:1862
References
Acknowledgments
Christian Schwede
Red Hat
Emilien Macchi
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that fix one security issue, several bugs, and add various\nenhancements are now available for Red Hat Enterprise Linux OpenStack\nPlatform 7.0 director for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Enterprise Linux OpenStack Platform director provides the\nfacilities for deploying and monitoring a private or public\ninfrastructure-as-a-service (IaaS) cloud based on Red Hat Enterprise Linux\nOpenStack Platform.\n\nA flaw was discovered in the pipeline ordering of OpenStack Object\nStorage\u0027s staticweb middleware in the swiftproxy configuration generated\nfrom the openstack-tripleo-heat-templates package (OpenStack director).\nThe staticweb middleware was incorrectly configured before the Identity\nService, and under some conditions an attacker could use this flaw to gain\nunauthenticated access to private data. (CVE-2015-5271)\n\nThis issue was discovered by Christian Schwede and Emilien Macchi of\nRed Hat.\n\nThis update also fixes numerous bugs and adds various enhancements.\nSpace precludes documenting all of these changes in this advisory.\nUsers are directed to the Red Hat Enterprise Linux OpenStack Platform 7\nRelease Notes, linked to in the References section, for information on the\nmost significant of these changes.\n\nAll Red Hat Enterprise Linux OpenStack Platform 7.0 director users are\nadvised to upgrade to these updated packages, which correct these issues\nand add these enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1862",
"url": "https://access.redhat.com/errata/RHSA-2015:1862"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/version-7/release-notes",
"url": "https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/version-7/release-notes"
},
{
"category": "external",
"summary": "1223022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223022"
},
{
"category": "external",
"summary": "1226376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1226376"
},
{
"category": "external",
"summary": "1228862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228862"
},
{
"category": "external",
"summary": "1231777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1231777"
},
{
"category": "external",
"summary": "1233949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233949"
},
{
"category": "external",
"summary": "1235320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1235320"
},
{
"category": "external",
"summary": "1235325",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1235325"
},
{
"category": "external",
"summary": "1236136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236136"
},
{
"category": "external",
"summary": "1236663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236663"
},
{
"category": "external",
"summary": "1236707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236707"
},
{
"category": "external",
"summary": "1237020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1237020"
},
{
"category": "external",
"summary": "1240260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1240260"
},
{
"category": "external",
"summary": "1241199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1241199"
},
{
"category": "external",
"summary": "1241668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1241668"
},
{
"category": "external",
"summary": "1243015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243015"
},
{
"category": "external",
"summary": "1243032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243032"
},
{
"category": "external",
"summary": "1243062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243062"
},
{
"category": "external",
"summary": "1243121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243121"
},
{
"category": "external",
"summary": "1243472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243472"
},
{
"category": "external",
"summary": "1243601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243601"
},
{
"category": "external",
"summary": "1243829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243829"
},
{
"category": "external",
"summary": "1244001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1244001"
},
{
"category": "external",
"summary": "1244026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1244026"
},
{
"category": "external",
"summary": "1244032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1244032"
},
{
"category": "external",
"summary": "1244856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1244856"
},
{
"category": "external",
"summary": "1244864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1244864"
},
{
"category": "external",
"summary": "1245212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245212"
},
{
"category": "external",
"summary": "1245714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245714"
},
{
"category": "external",
"summary": "1246596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1246596"
},
{
"category": "external",
"summary": "1247015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1247015"
},
{
"category": "external",
"summary": "1247722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1247722"
},
{
"category": "external",
"summary": "1248172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1248172"
},
{
"category": "external",
"summary": "1249640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1249640"
},
{
"category": "external",
"summary": "1250249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1250249"
},
{
"category": "external",
"summary": "1250250",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1250250"
},
{
"category": "external",
"summary": "1251566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1251566"
},
{
"category": "external",
"summary": "1252054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252054"
},
{
"category": "external",
"summary": "1252219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252219"
},
{
"category": "external",
"summary": "1252437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252437"
},
{
"category": "external",
"summary": "1252509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252509"
},
{
"category": "external",
"summary": "1252553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252553"
},
{
"category": "external",
"summary": "1253465",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253465"
},
{
"category": "external",
"summary": "1253628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253628"
},
{
"category": "external",
"summary": "1253777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1253777"
},
{
"category": "external",
"summary": "1254897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1254897"
},
{
"category": "external",
"summary": "1255910",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1255910"
},
{
"category": "external",
"summary": "1255931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1255931"
},
{
"category": "external",
"summary": "1256477",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256477"
},
{
"category": "external",
"summary": "1257414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257414"
},
{
"category": "external",
"summary": "1257642",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257642"
},
{
"category": "external",
"summary": "1259393",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259393"
},
{
"category": "external",
"summary": "1259905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259905"
},
{
"category": "external",
"summary": "1260736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260736"
},
{
"category": "external",
"summary": "1260991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260991"
},
{
"category": "external",
"summary": "1261045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261045"
},
{
"category": "external",
"summary": "1261048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261048"
},
{
"category": "external",
"summary": "1261067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261067"
},
{
"category": "external",
"summary": "1261697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261697"
},
{
"category": "external",
"summary": "1261921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261921"
},
{
"category": "external",
"summary": "1262059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262059"
},
{
"category": "external",
"summary": "1262454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262454"
},
{
"category": "external",
"summary": "1262995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262995"
},
{
"category": "external",
"summary": "1265010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265010"
},
{
"category": "external",
"summary": "1265777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265777"
},
{
"category": "external",
"summary": "1266082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1266082"
},
{
"category": "external",
"summary": "1266253",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1266253"
},
{
"category": "external",
"summary": "1266327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1266327"
},
{
"category": "external",
"summary": "1266911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1266911"
},
{
"category": "external",
"summary": "1267883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267883"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1862.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux OpenStack Platform 7 director update",
"tracking": {
"current_release_date": "2025-11-21T17:53:42+00:00",
"generator": {
"date": "2025-11-21T17:53:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2015:1862",
"initial_release_date": "2015-10-08T12:05:50+00:00",
"revision_history": [
{
"date": "2015-10-08T12:05:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-10-08T12:05:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:53:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 7.0 Director for RHEL 7",
"product": {
"name": "OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-hardware-doc-0:0.14-7.el7ost.noarch",
"product": {
"name": "python-hardware-doc-0:0.14-7.el7ost.noarch",
"product_id": "python-hardware-doc-0:0.14-7.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-hardware-doc@0.14-7.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-hardware-0:0.14-7.el7ost.noarch",
"product": {
"name": "python-hardware-0:0.14-7.el7ost.noarch",
"product_id": "python-hardware-0:0.14-7.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-hardware@0.14-7.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tuskar-0:0.4.18-4.el7ost.noarch",
"product": {
"name": "openstack-tuskar-0:0.4.18-4.el7ost.noarch",
"product_id": "openstack-tuskar-0:0.4.18-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tuskar@0.4.18-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-ironic-discoverd-ramdisk-0:1.1.0-6.el7ost.noarch",
"product": {
"name": "openstack-ironic-discoverd-ramdisk-0:1.1.0-6.el7ost.noarch",
"product_id": "openstack-ironic-discoverd-ramdisk-0:1.1.0-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-ironic-discoverd-ramdisk@1.1.0-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"product": {
"name": "python-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"product_id": "python-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-ironic-discoverd@1.1.0-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"product": {
"name": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"product_id": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-ironic-discoverd@1.1.0-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-5.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ahc-tools-0:0.1.1-6.el7ost.noarch",
"product": {
"name": "ahc-tools-0:0.1.1-6.el7ost.noarch",
"product_id": "ahc-tools-0:0.1.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ahc-tools@0.1.1-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tuskar-ui-0:0.4.0-3.el7ost.noarch",
"product": {
"name": "openstack-tuskar-ui-0:0.4.0-3.el7ost.noarch",
"product_id": "openstack-tuskar-ui-0:0.4.0-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tuskar-ui@0.4.0-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.noarch",
"product": {
"name": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.noarch",
"product_id": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-image-elements@0.9.6-10.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-proliantutils-0:2.1.0-4.el7ost.noarch",
"product": {
"name": "python-proliantutils-0:2.1.0-4.el7ost.noarch",
"product_id": "python-proliantutils-0:2.1.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-proliantutils@2.1.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "os-cloud-config-0:0.2.8-7.el7ost.noarch",
"product": {
"name": "os-cloud-config-0:0.2.8-7.el7ost.noarch",
"product_id": "os-cloud-config-0:0.2.8-7.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/os-cloud-config@0.2.8-7.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "os-net-config-0:0.1.4-4.el7ost.noarch",
"product": {
"name": "os-net-config-0:0.1.4-4.el7ost.noarch",
"product_id": "os-net-config-0:0.1.4-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/os-net-config@0.1.4-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.noarch",
"product_id": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@0.0.1.dev6-3.git49b57eb.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:2.1.2-29.el7ost.noarch",
"product": {
"name": "instack-undercloud-0:2.1.2-29.el7ost.noarch",
"product_id": "instack-undercloud-0:2.1.2-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@2.1.2-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-71.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.noarch",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.noarch",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-8.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python-hardware-0:0.14-7.el7ost.src",
"product": {
"name": "python-hardware-0:0.14-7.el7ost.src",
"product_id": "python-hardware-0:0.14-7.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-hardware@0.14-7.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tuskar-0:0.4.18-4.el7ost.src",
"product": {
"name": "openstack-tuskar-0:0.4.18-4.el7ost.src",
"product_id": "openstack-tuskar-0:0.4.18-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tuskar@0.4.18-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.src",
"product": {
"name": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.src",
"product_id": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-ironic-discoverd@1.1.0-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-5.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "ahc-tools-0:0.1.1-6.el7ost.src",
"product": {
"name": "ahc-tools-0:0.1.1-6.el7ost.src",
"product_id": "ahc-tools-0:0.1.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ahc-tools@0.1.1-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tuskar-ui-0:0.4.0-3.el7ost.src",
"product": {
"name": "openstack-tuskar-ui-0:0.4.0-3.el7ost.src",
"product_id": "openstack-tuskar-ui-0:0.4.0-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tuskar-ui@0.4.0-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.src",
"product": {
"name": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.src",
"product_id": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-image-elements@0.9.6-10.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-proliantutils-0:2.1.0-4.el7ost.src",
"product": {
"name": "python-proliantutils-0:2.1.0-4.el7ost.src",
"product_id": "python-proliantutils-0:2.1.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-proliantutils@2.1.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "os-cloud-config-0:0.2.8-7.el7ost.src",
"product": {
"name": "os-cloud-config-0:0.2.8-7.el7ost.src",
"product_id": "os-cloud-config-0:0.2.8-7.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/os-cloud-config@0.2.8-7.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "os-net-config-0:0.1.4-4.el7ost.src",
"product": {
"name": "os-net-config-0:0.1.4-4.el7ost.src",
"product_id": "os-net-config-0:0.1.4-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/os-net-config@0.1.4-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.src",
"product": {
"name": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.src",
"product_id": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@0.0.1.dev6-3.git49b57eb.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:2.1.2-29.el7ost.src",
"product": {
"name": "instack-undercloud-0:2.1.2-29.el7ost.src",
"product_id": "instack-undercloud-0:2.1.2-29.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@2.1.2-29.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-71.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.src",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.src",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-8.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ahc-tools-0:0.1.1-6.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:ahc-tools-0:0.1.1-6.el7ost.noarch"
},
"product_reference": "ahc-tools-0:0.1.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ahc-tools-0:0.1.1-6.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:ahc-tools-0:0.1.1-6.el7ost.src"
},
"product_reference": "ahc-tools-0:0.1.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:2.1.2-29.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:instack-undercloud-0:2.1.2-29.el7ost.noarch"
},
"product_reference": "instack-undercloud-0:2.1.2-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:2.1.2-29.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:instack-undercloud-0:2.1.2-29.el7ost.src"
},
"product_reference": "instack-undercloud-0:2.1.2-29.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-0:1.1.0-6.el7ost.noarch"
},
"product_reference": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-0:1.1.0-6.el7ost.src"
},
"product_reference": "openstack-ironic-discoverd-0:1.1.0-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-ironic-discoverd-ramdisk-0:1.1.0-6.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-ramdisk-0:1.1.0-6.el7ost.noarch"
},
"product_reference": "openstack-ironic-discoverd-ramdisk-0:1.1.0-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.src"
},
"product_reference": "openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-image-elements-0:0.9.6-10.el7ost.noarch"
},
"product_reference": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-image-elements-0:0.9.6-10.el7ost.src"
},
"product_reference": "openstack-tripleo-image-elements-0:0.9.6-10.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tuskar-0:0.4.18-4.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tuskar-0:0.4.18-4.el7ost.noarch"
},
"product_reference": "openstack-tuskar-0:0.4.18-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tuskar-0:0.4.18-4.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tuskar-0:0.4.18-4.el7ost.src"
},
"product_reference": "openstack-tuskar-0:0.4.18-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tuskar-ui-0:0.4.0-3.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tuskar-ui-0:0.4.0-3.el7ost.noarch"
},
"product_reference": "openstack-tuskar-ui-0:0.4.0-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tuskar-ui-0:0.4.0-3.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tuskar-ui-0:0.4.0-3.el7ost.src"
},
"product_reference": "openstack-tuskar-ui-0:0.4.0-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "os-cloud-config-0:0.2.8-7.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:os-cloud-config-0:0.2.8-7.el7ost.noarch"
},
"product_reference": "os-cloud-config-0:0.2.8-7.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "os-cloud-config-0:0.2.8-7.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:os-cloud-config-0:0.2.8-7.el7ost.src"
},
"product_reference": "os-cloud-config-0:0.2.8-7.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "os-net-config-0:0.1.4-4.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:os-net-config-0:0.1.4-4.el7ost.noarch"
},
"product_reference": "os-net-config-0:0.1.4-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "os-net-config-0:0.1.4-4.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:os-net-config-0:0.1.4-4.el7ost.src"
},
"product_reference": "os-net-config-0:0.1.4-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-hardware-0:0.14-7.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-hardware-0:0.14-7.el7ost.noarch"
},
"product_reference": "python-hardware-0:0.14-7.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-hardware-0:0.14-7.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-hardware-0:0.14-7.el7ost.src"
},
"product_reference": "python-hardware-0:0.14-7.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-hardware-doc-0:0.14-7.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-hardware-doc-0:0.14-7.el7ost.noarch"
},
"product_reference": "python-hardware-doc-0:0.14-7.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-ironic-discoverd-0:1.1.0-6.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-ironic-discoverd-0:1.1.0-6.el7ost.noarch"
},
"product_reference": "python-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-proliantutils-0:2.1.0-4.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-proliantutils-0:2.1.0-4.el7ost.noarch"
},
"product_reference": "python-proliantutils-0:2.1.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-proliantutils-0:2.1.0-4.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-proliantutils-0:2.1.0-4.el7ost.src"
},
"product_reference": "python-proliantutils-0:2.1.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-8.el7ost.noarch"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-8.el7ost.src"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-8.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Christian Schwede"
]
},
{
"names": [
"Emilien Macchi"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-5271",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2015-09-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1261697"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in the pipeline ordering of OpenStack Object Storage\u0027s staticweb middleware in the swiftproxy configuration generated from the openstack-tripleo-heat-templates package (OpenStack director). The staticweb middleware was incorrectly configured before the Identity Service, and under some conditions an attacker could use this flaw to gain unauthenticated access to private data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openstack-tripleo-heat-templates: unsafe pipeline ordering of swift staticweb middleware",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-7.0-Director:ahc-tools-0:0.1.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:ahc-tools-0:0.1.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:instack-undercloud-0:2.1.2-29.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:instack-undercloud-0:2.1.2-29.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-0:1.1.0-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-ramdisk-0:1.1.0-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-image-elements-0:0.9.6-10.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-image-elements-0:0.9.6-10.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-0:0.4.18-4.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-0:0.4.18-4.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-ui-0:0.4.0-3.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-ui-0:0.4.0-3.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:os-cloud-config-0:0.2.8-7.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:os-cloud-config-0:0.2.8-7.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:os-net-config-0:0.1.4-4.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:os-net-config-0:0.1.4-4.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-hardware-0:0.14-7.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-hardware-0:0.14-7.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-hardware-doc-0:0.14-7.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-proliantutils-0:2.1.0-4.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-proliantutils-0:2.1.0-4.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-8.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-8.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5271"
},
{
"category": "external",
"summary": "RHBZ#1261697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261697"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5271",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5271"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5271",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5271"
}
],
"release_date": "2015-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-10-08T12:05:50+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:ahc-tools-0:0.1.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:ahc-tools-0:0.1.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:instack-undercloud-0:2.1.2-29.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:instack-undercloud-0:2.1.2-29.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-0:1.1.0-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-ramdisk-0:1.1.0-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-image-elements-0:0.9.6-10.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-image-elements-0:0.9.6-10.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-0:0.4.18-4.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-0:0.4.18-4.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-ui-0:0.4.0-3.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-ui-0:0.4.0-3.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:os-cloud-config-0:0.2.8-7.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:os-cloud-config-0:0.2.8-7.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:os-net-config-0:0.1.4-4.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:os-net-config-0:0.1.4-4.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-hardware-0:0.14-7.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-hardware-0:0.14-7.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-hardware-doc-0:0.14-7.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-proliantutils-0:2.1.0-4.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-proliantutils-0:2.1.0-4.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-8.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-8.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1862"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-7.0-Director:ahc-tools-0:0.1.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:ahc-tools-0:0.1.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:instack-undercloud-0:2.1.2-29.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:instack-undercloud-0:2.1.2-29.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-0:1.1.0-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-ironic-discoverd-ramdisk-0:1.1.0-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-common-0:0.0.1.dev6-3.git49b57eb.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-71.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-image-elements-0:0.9.6-10.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-image-elements-0:0.9.6-10.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-5.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-0:0.4.18-4.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-0:0.4.18-4.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-ui-0:0.4.0-3.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tuskar-ui-0:0.4.0-3.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:os-cloud-config-0:0.2.8-7.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:os-cloud-config-0:0.2.8-7.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:os-net-config-0:0.1.4-4.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:os-net-config-0:0.1.4-4.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-hardware-0:0.14-7.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-hardware-0:0.14-7.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-hardware-doc-0:0.14-7.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-ironic-discoverd-0:1.1.0-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-proliantutils-0:2.1.0-4.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-proliantutils-0:2.1.0-4.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-8.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-8.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openstack-tripleo-heat-templates: unsafe pipeline ordering of swift staticweb middleware"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…