CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-14620 – openstack-rabbitmq-container: Insecure download of rabbitmq_clusterer during docker build
https://notcve.org/view.php?id=CVE-2018-14620
10 Sep 2018 — The OpenStack RabbitMQ container image insecurely retrieves the rabbitmq_clusterer component over HTTP during the build stage. This could potentially allow an attacker to serve malicious code to the image builder and install in the resultant container image. Version of openstack-rabbitmq-container and openstack-containers as shipped with Red Hat Openstack 12, 13, 14 are believed to be vulnerable. La imagen del contenedor de OpenStack RabbitMQ recupera de forma insegura el componente rabbitmq_clusterer por H... • https://access.redhat.com/errata/RHSA-2018:2721 • CWE-20: Improper Input Validation CWE-494: Download of Code Without Integrity Check •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-15139 – openstack-cinder: Data retained after deletion of a ScaleIO volume
https://notcve.org/view.php?id=CVE-2017-15139
27 Aug 2018 — A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive information between tenants. Se ha detectado una vulnerabilidad en las versiones de openstack-cinder hasta (e incluyendo) Queens, que permite que los volúmenes nuevos creados en ciertas configuraciones de volúmenes... • https://access.redhat.com/errata/RHSA-2018:3601 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2627
https://notcve.org/view.php?id=CVE-2017-2627
22 Aug 2018 — A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistral user that have wildcards that allow directory traversal with '..' and it grants full passwordless root access to the validations user. Se ha detectado un defecto en opentack-tripleo-common tal y como viene en Red Hat Openstack Enterprise 10 y 11. El archivo sudoers insta... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2627 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.5EPSS: 1%CPEs: 17EXPL: 0CVE-2018-10915 – postgresql: Certain host connection parameters defeat client-side security defenses
https://notcve.org/view.php?id=CVE-2018-10915
09 Aug 2018 — A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •
CVSS: 5.3EPSS: 1%CPEs: 7EXPL: 0CVE-2018-14432 – openstack-keystone: Information Exposure through /v3/OS-FEDERATION/projects
https://notcve.org/view.php?id=CVE-2018-14432
31 Jul 2018 — In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access, leaking all projects in the deployment and their attributes. Only Keystone with the /v3/OS-FEDERATION endpoint enabled via policy.json is affected. En el componente Federation de OpenStack Keystone en versiones anteriores a la 11.... • http://www.openwall.com/lists/oss-security/2018/07/25/2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-10903 – python-cryptography: GCM tag forgery via truncated tag in finalize_with_tag API
https://notcve.org/view.php?id=CVE-2018-10903
23 Jul 2018 — A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 in 256 chance of passing the MAC check. GCM tag forgeries can cause key leakage. Se ha encontrado un error en python-cryptography, desde la versión 1.9.0 hasta la 2.3. • https://access.redhat.com/errata/RHSA-2018:3600 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-10898 – openstack-tripleo-heat-templates: Default ODL deployment uses hard coded administrative credentials
https://notcve.org/view.php?id=CVE-2018-10898
19 Jul 2018 — A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials. Se ha detectado una vulnerabilidad en openstack-tripleo-heat-templates en versiones anteriores a la 8.0.2-40. Al implementarse mediante Director con la configuración por defecto, Opendaylight en RHOSP13 se configura con credenciales por defecto fácilmente adivinables. When deployed usi... • https://access.redhat.com/errata/RHSA-2018:2214 • CWE-798: Use of Hard-coded Credentials •
CVSS: 3.5EPSS: 0%CPEs: 27EXPL: 0CVE-2018-2767 – mysql: use of SSL/TLS not enforced in libmysqld (Return of BACKRONYM)
https://notcve.org/view.php?id=CVE-2018-2767
18 Jul 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impac... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html • CWE-325: Missing Cryptographic Step •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2018-10875 – ansible: ansible.cfg is being read from current working directory allowing possible code execution
https://notcve.org/view.php?id=CVE-2018-10875
10 Jul 2018 — A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code. Se ha encontrado un error en ansible. ansible.cfg se lee desde el directorio de trabajo actual, que puede alterarse para hacer que señale a un plugin o una ruta de módulo bajo el control de un atacante, permitiendo que el atacante ejecute código arbitrario. It was found th... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html • CWE-426: Untrusted Search Path •
CVSS: 6.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-10892 – docker: container breakout without selinux in enforcing mode
https://notcve.org/view.php?id=CVE-2018-10892
06 Jul 2018 — The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness. La especificación OCI por defecto de Linux en oci/defaults{_linux}.go en Docker y Moby desde la versión 1.11 hasta la más actual no bloquea los nombres de ruta /proc/acpi. El error permite que un atacante modifique el hardware del host, como habilitar/desha... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html • CWE-250: Execution with Unnecessary Privileges •