CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-7404
https://notcve.org/view.php?id=CVE-2016-7404
21 Jun 2019 — OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though and can be used to perform any API operation the user is authorized to perform. OpenStack Magnum pasa las credenciales de OpenStack a las plantillas Heat creando sus instancias. Si bien esto solo debe ser usado para recuperar los certificados SSL de las instancias, permiten el acceso total a la API, y ... • https://bugs.launchpad.net/magnum/+bug/1620536 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3895 – openstack-tripleo-common: Allows running new amphorae based on arbitrary images
https://notcve.org/view.php?id=CVE-2019-3895
03 Jun 2019 — An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested to spawn new amphorae, Octavia would then pick up the compromised image. Se descubrió un fallo de control de acceso en el servicio de Octavia cuando la plataforma en la nube se implementó con el Director de la plataf... • https://access.redhat.com/errata/RHSA-2019:1683 • CWE-284: Improper Access Control •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3147 – qcow format could expose host filesystem information
https://notcve.org/view.php?id=CVE-2011-3147
22 Apr 2019 — Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem. Las versiones de nova anteriores a 2012.1 podrían exponer los archivos de host de hipervisor a un sistema operativo invitado al procesar un sistema de archivos qcow construido de forma maliciosa. • http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1604 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-10876 – openstack-neutron: DOS via broken port range merging in security group
https://notcve.org/view.php?id=CVE-2019-10876
05 Apr 2019 — An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected. Se ha descubierto un problema en OpenStack Neutron, en las versi... • http://www.openwall.com/lists/oss-security/2019/04/09/2 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-3830 – openstack-ceilometer: ceilometer-agent prints sensitive data from config files through log files
https://notcve.org/view.php?id=CVE-2019-3830
14 Mar 2019 — A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated. Se ha detectado una vulnerabilidad en ceilometer, en versiones anteriores a la 12.0.0.0rc1. Una exposición de información en ceilometer-agent imprime los datos sensibles de configuración en archivos de registro sin que esté activado el registro de DEBUG. A vulnerability was found in ceilometer where administrat... • https://access.redhat.com/errata/RHSA-2019:0919 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-16856 – openstack-octavia: Private keys written to world-readable log files
https://notcve.org/view.php?id=CVE-2018-16856
14 Mar 2019 — In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure. En una instalación de Red Hat Openstack Platform Director por defecto, openstack-octavia en versiones anteriores a la 2.0.2-5 y openstack-octavia-3.0.1-0.20181009115732 crean archivos de... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.1EPSS: 1%CPEs: 8EXPL: 1CVE-2019-9735 – openstack-neutron: incorrect validation of port settings in iptables security group driver
https://notcve.org/view.php?id=CVE-2019-9735
13 Mar 2019 — An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group driver are affe... • http://www.openwall.com/lists/oss-security/2019/03/18/2 • CWE-20: Improper Input Validation CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20170
https://notcve.org/view.php?id=CVE-2018-20170
17 Dec 2018 — OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST /v3/auth/tokens request. NOTE: the vendor's position is that this is a hardening opportunity, and not necessarily an issue that should have an OpenStack Security Advisory ** EN DISPUTA ** OpenStack Keystone hasta la versión 14.0.1 tiene una vulnerabilidad de enumeración de usuarios debido a que los nombres de usuario inválidos tienen respuestas mucho más rápi... • https://bugs.launchpad.net/keystone/+bug/1795800 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-14635 – openstack-neutron: A router interface out of subnet IP range results in a denial of service
https://notcve.org/view.php?id=CVE-2018-14635
10 Sep 2018 — When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3 and 11.0.5 are vulnerable. Al emplear el controlador de Linux bridge ml2, los inquilinos sin privilegios pueden crear y adj... • https://access.redhat.com/errata/RHSA-2018:2710 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-14636
https://notcve.org/view.php?id=CVE-2018-14636
10 Sep 2018 — Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be ... • https://bugs.launchpad.net/neutron/+bug/1734320 • CWE-300: Channel Accessible by Non-Endpoint •