Lucene search

Openstack Octavia Access Control Vulnerability

🗓️ 24 May 2022 16:03:47Reported by GitHub Advisory DatabaseType

Openstack Octavia Access Control Vulnerability found in Red Hat OpenStack Platform Director, allowing remote attackers to spawn new amphorae based on arbitrary images

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 17
RedHat Linux	(RHSA-2019:1742) Moderate: openstack-tripleo-common security and bug fix update	10 Jul 201912:09	–	redhat
RedHat Linux	(RHSA-2019:1683) Moderate: openstack-tripleo-common security and bug fix update	2 Jul 201916:17	–	redhat
Cvelist	CVE-2019-3895	3 Jun 201918:04	–	cvelist
Tenable Nessus	RHEL 7 : openstack-tripleo-common (RHSA-2019:1683)	28 Apr 202400:00	–	nessus
Tenable Nessus	RHEL 7 : openstack-tripleo-common (RHSA-2019:1742)	28 Apr 202400:00	–	nessus
NVD	CVE-2019-3895	3 Jun 201919:29	–	nvd
OSV	RHSA-2019:1742 Red Hat Security Advisory: openstack-tripleo-common security and bug fix update	13 Sep 202414:09	–	osv
OSV	CVE-2019-3895	3 Jun 201919:29	–	osv
OSV	Openstack Octavia Access Control Vulnerability	24 May 202216:47	–	osv
OSV	RHSA-2019:1683 Red Hat Security Advisory: openstack-tripleo-common security and bug fix update	13 Sep 202414:09	–	osv

Vulners

Node

opendev octaviaRange<0.9.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-3895
access	www.access.redhat.com/errata/RHSA-2019:1683
access	www.access.redhat.com/errata/RHSA-2019:1742
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/openstack/octavia/commit/d7d062a47ab54a540d81f13a0e5f3085ebfaa0d2
github	www.github.com/openstack/tripleo-common/commit/e7c5eab712e0f70ecbc6d225d4766e0fe0f3f884
bugs	www.bugs.launchpad.net/octavia/+bug/1620629
bugs	www.bugs.launchpad.net/tripleo/+bug/1830607
github	www.github.com/openstack/octavia/blob/08570831754d9671fbd1756d668f55f191e47ca4/octavia/compute/drivers/nova_driver.py
opendev	www.opendev.org/openstack/octavia/commit/d7d062a47ab54a540d81f13a0e5f3085ebfaa0d2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 May 2022 16:47Current

6.9Medium risk

Vulners AI Score6.9

CVSS26.8

CVSS35.5 - 8

EPSS0.00668

CWE-284