Lucene search
GoogleOSV:GHSA-RFM2-F94J-QHJPHistoryApr 22, 2024 - 12:30 p.m.
OpenStack Storlets arbitrary code execution vulnerability
2024-04-2212:30:33
Google
osv.dev
5
openstack
storlets
code execution
vulnerability
yoga-eom
gateway.py
software
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
AI Score
8.1
Confidence
Low
EPSS
0
Percentile
9.0%
An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component.
Related
vulnrichment
vulnrichment
CVE-2024-28717
2024-04-22 00:00:00
github
github
OpenStack Storlets arbitrary code execution vulnerability
2024-04-22 12:30:33
nvd
nvd
CVE-2024-28717
2024-04-22 12:15:07
cve
cve
CVE-2024-28717
2024-04-22 12:15:07
veracode
veracode
Time-of-check Time-of-use (TOCTOU) Attack
2024-04-23 05:53:15
cvelist
cvelist
CVE-2024-28717
2024-04-22 00:00:00
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
AI Score
8.1
Confidence
Low
EPSS
0
Percentile
9.0%
Related for OSV:GHSA-RFM2-F94J-QHJP