
CVSS: 6.5 | EPSS: 0% | CPEs: 5 | EXPL: 0

The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location.

• http://rhn.redhat.com/errata/RHSA-2014-0455.html
• http://www.openwall.com/lists/oss-security/2014/04/10/13
• http://www.ubuntu.com/usn/USN-2193-1
• https://launchpad.net/bugs/1298698
• https://access.redhat.com/security/cve/CVE-2014-0162
• https://bugzilla.redhat.com/show_bug.cgi?id=1085163

• CWE-20: Improper Input Validation
• CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSS: 6.0 | EPSS: 0% | CPEs: 9 | EXPL: 0

The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, (3) destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows remote authenticated users to gain privileges via these API requests.

It was found that RBAC policies were not enforced in certain methods of the OpenStack Compute EC2 (Amazon Elastic Compute Cloud) API. A remote attacker could use this flaw to escalate their privileges beyond the user group they were originally restricted to. Note that only certain setups using non-default RBAC rules for OpenStack Compute were affected.

• http://www.openwall.com/lists/oss-security/2014/04/09/26
• http://www.ubuntu.com/usn/USN-2247-1
• https://launchpad.net/bugs/1290537
• https://access.redhat.com/security/cve/CVE-2014-0167
• https://bugzilla.redhat.com/show_bug.cgi?id=1084868

• CWE-264: Permissions, Privileges, and Access Controls
• CWE-862: Missing Authorization

CVSS: 4.3 | EPSS: 0% | CPEs: 5 | EXPL: 0

Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.

• http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html
• http://www.openwall.com/lists/oss-security/2014/04/08/8
• http://www.securityfocus.com/bid/66706
• https://launchpad.net/bugs/1289033
• https://access.redhat.com/security/cve/CVE-2014-0157
• https://bugzilla.redhat.com/show_bug.cgi?id=1082858

• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.8 | EPSS: 0% | CPEs: 8 | EXPL: 0

The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the same authentication method in a request, aka "authentication chaining."

A flaw was found in the keystone V3 API. An attacker could send a single request with the same authentication method multiple times, possibly leading to a denial of service due to generating excessive load with minimal requests. Only keystone setups with the V3 API enabled were affected by this issue.

• http://rhn.redhat.com/errata/RHSA-2014-1688.html
• http://www.openwall.com/lists/oss-security/2014/04/10/20
• https://bugs.launchpad.net/keystone/+bug/1300274
• https://access.redhat.com/security/cve/CVE-2014-2828
• https://bugzilla.redhat.com/show_bug.cgi?id=1086211

• CWE-287: Improper Authentication
• CWE-400: Uncontrolled Resource Consumption

CVSS: 6.0 | EPSS: 0% | CPEs: 7 | EXPL: 0

The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, related to an "interaction between eventlet and python-memcached."

• http://rhn.redhat.com/errata/RHSA-2014-0382.html
• http://rhn.redhat.com/errata/RHSA-2014-0409.html
• http://www.openwall.com/lists/oss-security/2014/03/27/4
• https://bugs.launchpad.net/python-keystoneclient/+bug/1282865
• https://access.redhat.com/security/cve/CVE-2014-0105
• https://bugzilla.redhat.com/show_bug.cgi?id=1082165

• CWE-255: Credentials Management Errors