Openstack cinder Improper handling of ScaleIO backend credentials

🗓️ 24 May 2022 17:20:04Reported by GitHub Advisory DatabaseType

Openstack Cinder insecure-credentials flaw in ScaleIO backend handlin

Reporter	Title	Published	Views	Family All 54
Circl	CVE-2020-10755	10 Jun 202020:55	–	circl
CVE	CVE-2020-10755	10 Jun 202015:55	–	cve
Cvelist	CVE-2020-10755	10 Jun 202015:55	–	cvelist
Debian CVE	CVE-2020-10755	10 Jun 202015:55	–	debiancve
EUVD	EUVD-2020-0061	7 Oct 202500:30	–	euvd
FreeBSD	py39-cinder -- insecure-credentials flaw	10 Jun 202000:00	–	freebsd
Tenable Nessus	FreeBSD : py39-cinder -- insecure-credentials flaw (f767d615-01db-47e9-b4ab-07bb8d3409fd)	14 Apr 202300:00	–	nessus
Tenable Nessus	RHEL 8 : openstack-cinder (RHSA-2020:4283)	29 Oct 202000:00	–	nessus
Tenable Nessus	RHEL 7 : openstack-cinder (RHSA-2020:4391)	29 Oct 202000:00	–	nessus
Tenable Nessus	Ubuntu 18.04 LTS / 20.04 LTS : Cinder and os-brick vulnerability (USN-4420-1)	8 Jul 202000:00	–	nessus

Vulners

Node

os-brickRange3.0.0–3.0.2pip

os-brickRange2.10.0–2.10.4pip

os-brickRange2.8.0–2.8.6pip

openstack cinderRange16.0.0–16.1.0pip

openstack cinderRange15.0.0–15.2.0pip

openstack cinderRange14.0.0–14.1.0pip

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-10755
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
wiki	www.wiki.openstack.org/wiki/OSSN/OSSN-0086
github	www.github.com/openstack/cinder/commit/ba785eef5f515b869c0d68016e84bb74f76ab45e
github	www.github.com/openstack/os-brick/commit/4047948f1ac8055a025972ad73ec3ec421450775
bugs	www.bugs.launchpad.net/cinder/+bug/1823200
github	www.github.com/pypa/advisory-database/tree/main/vulns/cinder/PYSEC-2020-228.yaml
usn	www.usn.ubuntu.com/4420-1
github	www.github.com/advisories/GHSA-v3m2-pg96-w33m

18 Nov 2024 16:26Current

6.7Medium risk

Vulners AI Score6.7

CVSS 24.3

CVSS 3.16.5

EPSS0.00182