CVE-2017-7549
instack-undercloud: uses hardcoded /tmp paths
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.
Se ha encontrado un error en la versión 7.2.0 de instack-undercloud tal y como viene incorporado en Red Hat OpenStack Platform Pike; la versión 6.1.0 en Red Hat OpenStack Platform Oacta y la versión 5.3.0 en Red Hat OpenStack Newton, en donde los scripts de preinstalación y políticas de seguridad emplearon archivos temporales no seguros. Un usuario local podría explotar esta vulnerabilidad para llevar a cabo un ataque de enlace simbólico que les permita sobrescribir el contenido de archivos arbitrarios.
A flaw was found in instack-undercloud where pre-install and security policy scripts used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-04-05 CVE Reserved
- 2017-08-30 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-59: Improper Link Resolution Before File Access ('Link Following')
- CWE-377: Insecure Temporary File
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/100407 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2017:2557 | 2023-02-12 | |
| https://access.redhat.com/errata/RHSA-2017:2649 | 2023-02-12 | |
| https://access.redhat.com/errata/RHSA-2017:2687 | 2023-02-12 | |
| https://access.redhat.com/errata/RHSA-2017:2693 | 2023-02-12 | |
| https://access.redhat.com/errata/RHSA-2017:2726 | 2023-02-12 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1477403 | 2017-09-13 | |
| https://access.redhat.com/security/cve/CVE-2017-7549 | 2017-09-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Openstack Search vendor "Openstack" | Instack-undercloud Search vendor "Openstack" for product "Instack-undercloud" | 7.2.0 Search vendor "Openstack" for product "Instack-undercloud" and version "7.2.0" | - |
Affected
| in | Redhat Search vendor "Redhat" | Openstack Search vendor "Redhat" for product "Openstack" | 12 Search vendor "Redhat" for product "Openstack" and version "12" | - |
Safe
|
| Openstack Search vendor "Openstack" | Instack-undercloud Search vendor "Openstack" for product "Instack-undercloud" | 6.1.0 Search vendor "Openstack" for product "Instack-undercloud" and version "6.1.0" | - |
Affected
| in | Redhat Search vendor "Redhat" | Openstack Search vendor "Redhat" for product "Openstack" | 11 Search vendor "Redhat" for product "Openstack" and version "11" | - |
Safe
|
| Openstack Search vendor "Openstack" | Instack-undercloud Search vendor "Openstack" for product "Instack-undercloud" | 5.3.0 Search vendor "Openstack" for product "Instack-undercloud" and version "5.3.0" | - |
Affected
| in | Redhat Search vendor "Redhat" | Openstack Search vendor "Redhat" for product "Openstack" | 10 Search vendor "Redhat" for product "Openstack" and version "10" | - |
Safe
|