CVE-2019-10141 – openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data
https://notcve.org/view.php?id=CVE-2019-10141
A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Because of how ironic-inspector uses the query results, it is unlikely that data could be obtained. • https://access.redhat.com/errata/RHSA-2019:2505 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10141 https://docs.openstack.org/releasenotes/ironic-inspector/ocata.html#relnotes-5-0-2-7-origin-stable-ocata https://docs.openstack.org/releasenotes/ironic-inspector/pike.html#relnotes-6-0-3-4-stable-pike https://docs.openstack.org/releasenotes/ironic-inspector/queens.html#relnotes-7-2-4-stable-queens https://docs.openstack.org/releasenotes/ironic-inspector/rocky.html#relnotes-8-0-3-stable-rocky • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2019-3895 – openstack-tripleo-common: Allows running new amphorae based on arbitrary images
https://notcve.org/view.php?id=CVE-2019-3895
An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested to spawn new amphorae, Octavia would then pick up the compromised image. Se descubrió un fallo de control de acceso en el servicio de Octavia cuando la plataforma en la nube se implementó con el Director de la plataforma de Red Hat OpenStack. Un atacante podría hacer que se ejecuten nuevas ánforas en función de cualquier imagen arbitraria. • https://access.redhat.com/errata/RHSA-2019:1683 https://access.redhat.com/errata/RHSA-2019:1742 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3895 https://access.redhat.com/security/cve/CVE-2019-3895 https://bugzilla.redhat.com/show_bug.cgi?id=1694608 • CWE-284: Improper Access Control •
CVE-2019-10876 – openstack-neutron: DOS via broken port range merging in security group
https://notcve.org/view.php?id=CVE-2019-10876
An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected. Se ha descubierto un problema en OpenStack Neutron, en las versiones 11.x anteriores a la 11.0.7, en las 12.x anteriores a la 12.0.6 y en las 13.x anteriores a la 13.0.3. Al crear dos grupos de seguridad con rangos de puertos separados/solapados, un usuario autenticado podría impedir que Neutron sea capaz de configurar las redes en cualquier nodo de cálculo donde se encuentran dichos grupos de seguridad, debido a un error de claves en el firewall de Open vSwitch (OVS). • http://www.openwall.com/lists/oss-security/2019/04/09/2 https://access.redhat.com/errata/RHSA-2019:0879 https://access.redhat.com/errata/RHSA-2019:0935 https://bugs.launchpad.net/ossa/+bug/1813007 https://review.openstack.org/#/q/topic:bug/1813007 https://security.openstack.org/ossa/OSSA-2019-002.html https://access.redhat.com/security/cve/CVE-2019-10876 https://bugzilla.redhat.com/show_bug.cgi?id=1695883 • CWE-20: Improper Input Validation •
CVE-2018-16856 – openstack-octavia: Private keys written to world-readable log files
https://notcve.org/view.php?id=CVE-2018-16856
In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure. En una instalación de Red Hat Openstack Platform Director por defecto, openstack-octavia en versiones anteriores a la 2.0.2-5 y openstack-octavia-3.0.1-0.20181009115732 crean archivos de registro que pueden ser leídos por todos los usuarios. La información sensible, como las claves privadas, puede aparecer en estos archivos, lo que permite la exposición de información. In a default Red Hat Openstack Platform Director installation, openstack-octavia creates log files that are readable by all users. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856 https://access.redhat.com/security/cve/CVE-2018-16856 https://bugzilla.redhat.com/show_bug.cgi?id=1649165 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2019-3830 – openstack-ceilometer: ceilometer-agent prints sensitive data from config files through log files
https://notcve.org/view.php?id=CVE-2019-3830
A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated. Se ha detectado una vulnerabilidad en ceilometer, en versiones anteriores a la 12.0.0.0rc1. Una exposición de información en ceilometer-agent imprime los datos sensibles de configuración en archivos de registro sin que esté activado el registro de DEBUG. A vulnerability was found in ceilometer where administrative credentials were permanently stored in the log. • https://access.redhat.com/errata/RHSA-2019:0919 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3830 https://access.redhat.com/security/cve/CVE-2019-3830 https://bugzilla.redhat.com/show_bug.cgi?id=1677389 • CWE-532: Insertion of Sensitive Information into Log File •