CVE-2012-5476
https://notcve.org/view.php?id=CVE-2012-5476
Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. En RHOS Essex Preview (versión 2012.2) del paquete del panel de control de OpenStack, el archivo /etc/quantum/quantum.conf es de tipo world readable y expone la contraseña de administrador y el valor del token. • https://access.redhat.com/security/cve/cve-2012-5476 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5476 https://security-tracker.debian.org/tracker/CVE-2012-5476 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-5527
https://notcve.org/view.php?id=CVE-2019-5527
ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5. ESXi, Workstation, Fusion, VMRC y Horizon Client contienen una vulnerabilidad uso de la memoria previamente liberada en el dispositivo de sonido virtual. VMware ha evaluado la gravedad de este problema para estar en el rango de gravedad Importante con un puntaje base CVSSv3 máximo de 8.5. • https://www.vmware.com/security/advisories/VMSA-2019-0014.html • CWE-416: Use After Free •
CVE-2019-5513
https://notcve.org/view.php?id=CVE-2019-5513
VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8) contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server’s internal name, or the gateway’s internal IP address. VMware Horizon Connection Server (7.x anterior a la versión 7.8, 7.5.x anterior de 7.5.2, 6.x anterior de 6.2.8) contiene una vulnerabilidad de divulgación de información. La explotación con éxito de este problema puede permitir la divulgación de nombres de dominio internos, el nombre interno del servidor de conexión o la dirección IP interna de la puerta de enlace. • https://www.vmware.com/security/advisories/VMSA-2019-0003.html •
CVE-2017-7400 – python-django-horizon: XSS in federation mappings UI
https://notcve.org/view.php?id=CVE-2017-7400
OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping. OpenStack Horizon 9.x a través de 9.1.1, 10.x en versiones hasta 10.0.2 y 11.0.0 permite a los administradores autenticados remotos realizar ataques XSS a través de una asignación de federación manipulada. A cross-site scripting flaw was discovered in the OpenStack dashboard (horizon) which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard. • http://www.securityfocus.com/bid/97324 https://access.redhat.com/errata/RHSA-2017:1598 https://access.redhat.com/errata/RHSA-2017:1739 https://launchpad.net/bugs/1667086 https://access.redhat.com/security/cve/CVE-2017-7400 https://bugzilla.redhat.com/show_bug.cgi?id=1439626 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-4428 – python-django-horizon: XSS in client side template
https://notcve.org/view.php?id=CVE-2016-4428
Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form. Vulnerabilidad de XSS en OpenStack Dashboard (Horizon) 8.0.1 y versiones anteriores y 9.0.0 hasta la versión 9.0.1 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrario inyectando una plantilla AngularJS en un formulario del cuadro de mandos. A DOM-based, cross-site scripting vulnerability was found in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a dashboard form (for example, using an image's description), triggering the vulnerability when another user browsed the affected page. As a result, this flaw could result in user accounts being compromised (for example, user-access credentials being stolen). • http://www.debian.org/security/2016/dsa-3617 http://www.openwall.com/lists/oss-security/2016/06/17/4 https://access.redhat.com/errata/RHSA-2016:1268 https://access.redhat.com/errata/RHSA-2016:1269 https://access.redhat.com/errata/RHSA-2016:1270 https://access.redhat.com/errata/RHSA-2016:1271 https://access.redhat.com/errata/RHSA-2016:1272 https://bugs.launchpad.net/horizon/+bug/1567673 https://review.openstack.org/329996 https://review.openstack.org/329997 https • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •