Lucene search

PRIOn knowledge basePRION:CVE-2019-17134

HistoryOct 08, 2019 - 6:15 p.m.

Design/Logic Flaw

2019-10-0818:15:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.2%

JSON

Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED.

CPENameOperatorVersion
ubuntu_linuxeq19.04
octaviage0.10.0
octavialt2.1.2
octaviage3.0.0
octavialt3.2.0
octaviage4.0.0
octavialt4.1.0

Name	Operator	Version
ubuntu_linux	eq	19.04
octavia	ge	0.10.0
octavia	lt	2.1.2
octavia	ge	3.0.0
octavia	lt	3.2.0
octavia	ge	4.0.0
octavia	lt	4.1.0

References

access.redhat.com/errata/RHSA-2019:3743

access.redhat.com/errata/RHSA-2019:3788

access.redhat.com/errata/RHSA-2020:0721

review.opendev.org/686541

review.opendev.org/686543

review.opendev.org/686544

review.opendev.org/686545

review.opendev.org/686546

review.opendev.org/686547

security.openstack.org/ossa/OSSA-2019-005.html

storyboard.openstack.org/

usn.ubuntu.com/4153-1/