CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-9543
https://notcve.org/view.php?id=CVE-2015-9543
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py. • http://www.openwall.com/lists/oss-security/2020/02/19/2 https://launchpad.net/bugs/1492140 https://review.opendev.org/220622 https://security.openstack.org/ossa/OSSA-2020-001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2019-14433 – openstack-nova: Nova server resource faults leak external exception details
https://notcve.org/view.php?id=CVE-2019-14433
An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data. Se detectó un problema en OpenStack Nova en versiones anteriores a 17.0.12, versiones 18.x anteriores a 18.2.2, y versiones 19.x anteriores a 19.0.2. Si una petición de la API de un usuario autenticado termina en una condición de fallo debido a una excepción externa, los detalles del entorno subyacente puede ser filtrados en la respuesta, y podrían incluir una configuración confidencial u otros datos. A vulnerability was found in the Nova Compute resource fault handling. • http://www.openwall.com/lists/oss-security/2019/08/06/6 https://access.redhat.com/errata/RHSA-2019:2622 https://access.redhat.com/errata/RHSA-2019:2631 https://access.redhat.com/errata/RHSA-2019:2652 https://launchpad.net/bugs/1837877 https://lists.debian.org/debian-lts-announce/2022/09/msg00018.html https://security.openstack.org/ossa/OSSA-2019-003.html https://usn.ubuntu.com/4104-1 https://access.redhat.com/security/cve/CVE-2019-14433 https://bugzilla.redhat. • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2017-16239 – openstack-nova: Nova Filter Scheduler bypass through rebuild action
https://notcve.org/view.php?id=CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3. En OpenStack Nova hasta la versión 14.0.9, 15.x hasta la versión 15.0.7 y 16.x hasta la versión 16.0.2, al reconstrur una instancia, un usuario autenticado podría saltarse el Filter Scheduler omitiendos los filtros impuestos (por ejemplo, ImagePropertiesFilter o IsolatedHostsFilter). Todas las configuraciones que utilizan Nova Filter Scheduler se ven afectadas. • http://www.securityfocus.com/bid/101950 https://access.redhat.com/errata/RHSA-2018:0241 https://access.redhat.com/errata/RHSA-2018:0314 https://access.redhat.com/errata/RHSA-2018:0369 https://launchpad.net/bugs/1664931 https://security.openstack.org/ossa/OSSA-2017-005.html https://www.debian.org/security/2017/dsa-4056 https://access.redhat.com/security/cve/CVE-2017-16239 https://bugzilla.redhat.com/show_bug.cgi?id=1508539 • CWE-841: Improper Enforcement of Behavioral Workflow •
CVSS: 7.8EPSS: 2%CPEs: 8EXPL: 1CVE-2015-5162 – openstack-nova/glance/cinder: Malicious image may exhaust resources
https://notcve.org/view.php?id=CVE-2015-5162
The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image. El analizador de imagen en OpenStack Cinder 7.0.2 y 8.0.0 hasta la versión 8.1.1; Glance en versiones anteriores a 11.0.1 y 12.0.0; y Nova en versiones anteriores a 12.0.4 y 13.0.0 no limita adecuadamente las llamadas a qemu-img, lo que podría permitir a atacantes provocar una denegación de servicio (consumo de memoria y disco) a través de una imagen de disco manipulada. A resource vulnerability in the OpenStack Compute (nova), Block Storage (cinder), and Image (glance) services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host out-of-memory errors and negatively affect other running tenant instances. • http://rhn.redhat.com/errata/RHSA-2016-2923.html http://rhn.redhat.com/errata/RHSA-2016-2991.html http://rhn.redhat.com/errata/RHSA-2017-0153.html http://rhn.redhat.com/errata/RHSA-2017-0156.html http://rhn.redhat.com/errata/RHSA-2017-0165.html http://rhn.redhat.com/errata/RHSA-2017-0282.html http://www.openwall.com/lists/oss-security/2016/10/06/8 http://www.securityfocus.com/bid/76849 https://launchpad.net/bugs/1449062 https://access.redhat.com/securit • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-2140 – openstack-nova: Host data leak through resize/migration
https://notcve.org/view.php?id=CVE-2016-2140
The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk. El controlador libvirt en OpenStack Compute (Nova) en versiones anteriores a 2015.1.4 (kilo) y 12.0.x en versiones anteriores a 12.0.3 (liberty), cuando usa almacenamiento en bruto y use_cow_images está establecido a false, permite a usuarios remotos autenticados leer archivos arbitrarios a través de una cabecera qcow2 manipulada en un disco efímero o root. An information-exposure flaw was found in the OpenStack Compute (nova) resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content on the specified device would be leaked to the user. • http://www.openwall.com/lists/oss-security/2016/03/08/6 http://www.securityfocus.com/bid/84277 https://bugs.launchpad.net/nova/+bug/1548450 https://security.openstack.org/ossa/OSSA-2016-007.html https://access.redhat.com/security/cve/CVE-2016-2140 https://bugzilla.redhat.com/show_bug.cgi?id=1313454 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •