CVSS: 4.0EPSS: 0%CPEs: 7EXPL: 1CVE-2014-3621 – openstack-keystone: configuration data information leak through Keystone catalog
https://notcve.org/view.php?id=CVE-2014-3621
The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the publicurl endpoint field. El reemplazo de la URL catalog en OpenStack Identity (Keystone) anterior a versión 2013.2.3 y versiones 2014.1 anteriores a 2014.1.2.1, permite a los usuarios autenticados remotos leer opciones de configuración confidenciales por medio de un endpoint diseñado, como es demostrado por "$(admin_token)" en el campo endpoint de publicurl. A flaw was found in the keystone catalog URL replacement. A user with permissions to register an endpoint could use this flaw to leak configuration data, including the master admin_token. Only keystone setups that allow non-cloud-admin users to create endpoints were affected by this issue. • http://rhn.redhat.com/errata/RHSA-2014-1688.html http://rhn.redhat.com/errata/RHSA-2014-1789.html http://rhn.redhat.com/errata/RHSA-2014-1790.html http://www.openwall.com/lists/oss-security/2014/09/16/10 http://www.ubuntu.com/usn/USN-2406-1 https://bugs.launchpad.net/keystone/+bug/1354208 https://access.redhat.com/security/cve/CVE-2014-3621 https://bugzilla.redhat.com/show_bug.cgi?id=1139937 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2014-4615 – pycadf: token leak to message queue
https://notcve.org/view.php?id=CVE-2014-4615
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request). El middleware notificador en OpenStack PyCADF 0.5.0 y anteriores, Telemetry (Ceilometer) 2013.2 anterior a 2013.2.4 y 2014.x anterior a 2014.1.2, Neutron 2014.x anterior a 2014.1.2 y Juno anterior a Juno-2, y Oslo permite a usuarios remotos autenticados obtener valores X_AUTH_TOKEN mediante la lectura de la cola de mensajes (v2/meters/http.request). It was found that authentication tokens were not properly sanitized from the message queue by the notifier middleware. An attacker with read access to the message queue could possibly use this flaw to intercept an authentication token and gain elevated privileges. Note that all services using the notifier middleware configured after the auth_token middleware pipeline were affected. • http://rhn.redhat.com/errata/RHSA-2014-1050.html http://secunia.com/advisories/60643 http://secunia.com/advisories/60736 http://secunia.com/advisories/60766 http://www.openwall.com/lists/oss-security/2014/06/23/8 http://www.openwall.com/lists/oss-security/2014/06/24/6 http://www.openwall.com/lists/oss-security/2014/06/25/6 http://www.securityfocus.com/bid/68149 http://www.ubuntu.com/usn/USN-2311-1 https://access.redhat.com/security/cve/CVE-2014-46 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6470 – foreman-installer: insecure defaults
https://notcve.org/view.php?id=CVE-2013-6470
The default configuration in the standalone controller quickstack manifest in openstack-foreman-installer, as used in Red Hat Enterprise Linux OpenStack Platform 4.0, disables authentication for Qpid, which allows remote attackers to gain access by connecting to Qpid. La configuración por defecto en el manifest de Standalone Controller Quickstack en openstack-foreman-installer, utilizado en Red Hat Enterprise Linux OpenStack Platform 4.0, deshabilita autenticación para Qpid, lo que permite a atacantes remotos ganar acceso mediante la conexión a Qpid. • http://rhn.redhat.com/errata/RHSA-2014-0517.html https://bugzilla.redhat.com/show_bug.cgi?id=1051994 https://access.redhat.com/security/cve/CVE-2013-6470 • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0041 – openstack-heat-templates: use of HTTPS url and sslverify=false
https://notcve.org/view.php?id=CVE-2014-0041
OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows man-in-the-middle attackers to prevent updates via unspecified vectors. OpenStack Heat Templates (heat-templates), utilizado en Red Hat Enterprise Linux OpenStack Platform 4.0, configura sslverify a falso para ciertos repositorios Yum, lo que deshabilita protección SSL y permite a atacantes man-in-the-middle prevenir actualizaciones a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2014-0579.html https://bugs.launchpad.net/heat-templates/+bug/1267635 https://bugzilla.redhat.com/show_bug.cgi?id=1059515 https://github.com/openstack/heat-templates/commit/65a4f8bebc72da71c616e2e378b7b1ac354db1a3CONFIRM: https://access.redhat.com/security/cve/CVE-2014-0041 • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2014-0042 – openstack-heat-templates: setting gpgcheck=0 for signed packages
https://notcve.org/view.php?id=CVE-2014-0042
OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets gpgcheck to 0 for certain templates, which disables GPG signature checking on downloaded packages and allows man-in-the-middle attackers to install arbitrary packages via unspecified vectors. OpenStack Heat Templates (heat-templates), utilizado en Red Hat Enterprise Linux OpenStack Platform 4.0, configura gpgcheck a 0 para ciertas plantillas, lo que deshabilita la comprobación de firmas GPG en paquetes descargados y permite a atacantes man-in-the-middle instalar paquetes arbitrarios a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2014-0579.html https://bugs.launchpad.net/heat-templates/+bug/1267635 https://bugzilla.redhat.com/show_bug.cgi?id=1059520 https://github.com/openstack/heat-templates/commit/65a4f8bebc72da71c616e2e378b7b1ac354db1a3 https://access.redhat.com/security/cve/CVE-2014-0042 • CWE-310: Cryptographic Issues CWE-494: Download of Code Without Integrity Check •