IBM1FBE7DB331C66561FA8F651FC6AD22A53129EA1A2836AEC9FD6F2EF28775B119Security Bulletin: OpenStack Nova vulnerability affects IBM Cloud Manager with OpenStack (CVE-2017-7214)
0.005 Low
EPSS
Percentile
76.0%
Summary
IBM Cloud Manager has addressed vulnerability in OpenStack Nova.
Vulnerability Details
CVE-ID: CVE-2017-7214 DESCRIPTION: OpenStack Nova could allow a remote attacker to obtain sensitive information, caused by a flaw in the exception_wrapper.py. By viewing ERROR level logs, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 7.5
CVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/123591 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
IBM Cloud Manager with OpenStack 4.3.0 through 4.3.0.7
IBM Cloud Manager with OpenStack 4.1.0 through 4.1.0.5
Remediation/Fixes
Product
| VRMF| APAR| Remediation/First Fix
—|—|—|—
IBM Cloud Manager with OpenStack| 4.3.0| None| IBM Cloud Manager with Openstack 4.3 for fix pack 8:
https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FOther+software%2FCloud+Manager+with+Openstack&fixids=4.3.0.8-IBM-CMWO-FP08&source=SAR&function=fixId&parent=ibm/Other%20software
IBM Cloud Manager with OpenStack| 4.1.0| None| IBM Cloud Manager with Openstack 4.1 interim fix 7 for fix pack 5:
https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FOther+software%2FCloud+Manager+with+Openstack&fixids=4.1.0.5-IBM-CMWO-IF007&source=SAR&function=fixId&parent=ibm/Other%20software
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm cloud manager with openstack | eq | 4.1.0 | |
| ibm cloud manager with openstack | eq | 4.3.0 |
Related
0.005 Low
EPSS
Percentile
76.0%