CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-17954 – crowbar provision leaks admin password to all nodes in cleartext
https://notcve.org/view.php?id=CVE-2018-17954
An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE OpenStack Cloud 7 crowbar-core versions prior to 4.0+git.1578392992.fabfd186c-9.63.1, crowbar-. SUSE OpenStack Cloud 8 ardana-cinder versions prior to 8.0+git.1579279939.ee7da88-3.39.3, ardana-. SUSE OpenStack Cloud 9 ardana-ansible versions prior to 9.0+git.1581611758.f694f7d-3.16.1, ardana-. SUSE OpenStack Cloud Crowbar 8 crowbar-core versions prior to 5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-. • https://bugzilla.suse.com/show_bug.cgi?id=1117080 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-3683 – keystone_json_assignment backend granted access to any project for users in user-project-map.json
https://notcve.org/view.php?id=CVE-2019-3683
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations. El paquete keystone-json-assignment en SUSE Openstack Cloud versión 8 antes del commit d7888c75505465490250c00cc0ef4bb1af662f9f, a cada usuario listado en el archivo /etc/keystone/user-project-map.json se le fue asignado el rol completo "member" para cada proyecto. Esto permitió a estos usuarios acceder, modificar, crear y eliminar recursos arbitrarios, contrariamente a lo esperado. • https://bugzilla.suse.com/show_bug.cgi?id=1124864 https://www.suse.com/security/cve/CVE-2019-3683 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2018-12122 – nodejs: Slowloris HTTP Denial of Service
https://notcve.org/view.php?id=CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Node.js: Todas las versiones anteriores a la 6.15.0, 8.14.0, 10.14.0 y 11.3.0: Denegación de servicio (DoS) HTTP mediante Slowloris. Un atacante puede provocar una denegación de servicio (DoS) enviando cabeceras muy lentamente, manteniendo las conexiones HTTP o HTTPS y los recursos asociados vivos durante un largo período de tiempo. It was found that Node.js HTTP server was vulnerable to a Slowloris type attack. An attacker could make long lived connections by sending bytes very slowly to the server, saturating its resource and possibly resulting in a denial of service. • http://www.securityfocus.com/bid/106043 https://access.redhat.com/errata/RHSA-2019:1821 https://nodejs.org/en/blog/vulnerability/november-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12122 https://bugzilla.redhat.com/show_bug.cgi?id=1661005 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2018-12116 – nodejs: HTTP request splitting
https://notcve.org/view.php?id=CVE-2018-12116
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server. Node.js: Todas las versiones anteriores a la 6.15.0 y 8.14.0: separación de petición HTTP. Si se puede convencer a Node.js para que emplee datos Unicode no saneados proporcionados por el usuario para la opción "path" de una petición HTTP, los datos pueden proporcionarse para desencadenar una segunda petición HTTP no esperada y definida por el usuario para el mismo servidor. • https://access.redhat.com/errata/RHSA-2019:1821 https://nodejs.org/en/blog/vulnerability/november-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12116 https://bugzilla.redhat.com/show_bug.cgi?id=1660998 • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') CWE-115: Misinterpretation of Input •
CVSS: 3.3EPSS: 0%CPEs: 9EXPL: 0CVE-2018-6556 – The lxc-user-nic component of LXC allows unprivileged users to open arbitrary files
https://notcve.org/view.php?id=CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2. Cuando se solicita a lxc-user-nic que elimine una interfaz de red, abrirá de forma incondicional una ruta proporcionada por el usuario. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00076.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591 https://bugzilla.suse.com/show_bug.cgi?id=988348 https://security.gentoo.org/glsa/201808-02 https://usn.ubuntu.com/usn/usn-3730- • CWE-417: Communication Channel Errors •