CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53916
https://notcve.org/view.php?id=CVE-2024-53916
24 Nov 2024 — In OpenStack Neutron through 25.0.0, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. NOTE: 935883 has the "Work in Progress" status as of 2024-11-24. In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change (add and clear) tags on network objects that do not belong to the tenant, and this action is not subje... • https://github.com/openstack/neutron/blob/363ffa6e9e1ab5968f87d45bc2f1cb6394f48b9f/neutron/extensions/tagging.py#L138-L232 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-7319 – Openstack-heat: incomplete fix for cve-2023-1625
https://notcve.org/view.php?id=CVE-2024-7319
02 Aug 2024 — An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied. • https://access.redhat.com/security/cve/CVE-2024-7319 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-40767 – openstack-nova: Regression VMDK/qcow arbitrary file access
https://notcve.org/view.php?id=CVE-2024-40767
24 Jul 2024 — In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-... • https://launchpad.net/bugs/2071734 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-32498 – OpenStack: malicious qcow2/vmdk images
https://notcve.org/view.php?id=CVE-2024-32498
03 Jul 2024 — An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Cinder and Nova deployments are affected; only Glance deployments with image conversion enabled... • https://launchpad.net/bugs/2059809 • CWE-400: Uncontrolled Resource Consumption CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2024-28716
https://notcve.org/view.php?id=CVE-2024-28716
30 Apr 2024 — An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component. Un problema en OpenStack Storlets yoga-eom permite a un atacante remoto ejecutar código arbitrario a través del componente gateway.py. • https://bugs.launchpad.net/solum/+bug/2047505 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2024-28717
https://notcve.org/view.php?id=CVE-2024-28717
22 Apr 2024 — An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component. Un problema en OpenStack Storlets yoga-eom permite a un atacante remoto ejecutar código arbitrario a través del componente gateway.py. • https://bugs.launchpad.net/storlets/+bug/2047723 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2024-28718
https://notcve.org/view.php?id=CVE-2024-28718
12 Apr 2024 — An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the cert_manager.py. component. Un problema en la versión OpenStack magnum yoga-eom permite que un atacante remoto ejecute código arbitrario a través de cert_manager.py. componente. • https://bugs.launchpad.net/magnum/+bug/2047690 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1141 – Glance-store: glance store access key logged in debug log level
https://notcve.org/view.php?id=CVE-2024-1141
01 Feb 2024 — A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled. Se encontró una vulnerabilidad en python-glance-store. El problema ocurre cuando el paquete registra la clave de acceso para el almacén de vistazo cuando el nivel de registro DEBUG está habilitado. It was discovered that Glance_store incorrectly handled logging when the DEBUG log level is enabled. • https://access.redhat.com/errata/RHSA-2024:2732 • CWE-779: Logging of Excessive Data •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2023-1633 – Insecure barbican configuration file leaking credential
https://notcve.org/view.php?id=CVE-2023-1633
24 Sep 2023 — A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials. Se encontró una falla de fuga de credenciales en OpenStack Barbican. Esta falla permite que un atacante autenticado local lea el archivo de configuración y obtenga acceso a credenciales sensibles. An update for openstack-barbican is now available for Red Hat OpenStack Platform 16.2. • https://access.redhat.com/security/cve/CVE-2023-1633 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-1636 – Incomplete container isolation
https://notcve.org/view.php?id=CVE-2023-1636
24 Sep 2023 — A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican. Se encontró una vulnerabilidad en los contenedores OpenStack Barbican. • https://access.redhat.com/security/cve/CVE-2023-1636 • CWE-653: Improper Isolation or Compartmentalization •