CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
76.3%
openstack-aodh provides the ability to trigger actions based on defined rules against metric or event data collected by OpenStack Telemetry (ceilometer) or Time-Series-Database-as-a-Service (gnocchi).
openstack-aodh has been rebased to the upstream 4.0.2-3 version.
Security Fix(es):
Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges Zane Bitter (Red Hat) as the original reporter.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | noarch | openstack-aodh-listener | < 4.0.2-3.el7ost | openstack-aodh-listener-4.0.2-3.el7ost.noarch.rpm |
RedHat | 7 | noarch | python-aodh | < 4.0.2-3.el7ost | python-aodh-4.0.2-3.el7ost.noarch.rpm |
RedHat | 7 | noarch | openstack-aodh-notifier | < 4.0.2-3.el7ost | openstack-aodh-notifier-4.0.2-3.el7ost.noarch.rpm |
RedHat | 7 | noarch | python-aodh-tests | < 4.0.2-3.el7ost | python-aodh-tests-4.0.2-3.el7ost.noarch.rpm |
RedHat | 7 | noarch | openstack-aodh-expirer | < 4.0.2-3.el7ost | openstack-aodh-expirer-4.0.2-3.el7ost.noarch.rpm |
RedHat | 7 | noarch | openstack-aodh-compat | < 4.0.2-3.el7ost | openstack-aodh-compat-4.0.2-3.el7ost.noarch.rpm |
RedHat | 7 | noarch | openstack-aodh-api | < 4.0.2-3.el7ost | openstack-aodh-api-4.0.2-3.el7ost.noarch.rpm |
RedHat | 7 | noarch | openstack-aodh-evaluator | < 4.0.2-3.el7ost | openstack-aodh-evaluator-4.0.2-3.el7ost.noarch.rpm |
RedHat | 7 | noarch | openstack-aodh-common | < 4.0.2-3.el7ost | openstack-aodh-common-4.0.2-3.el7ost.noarch.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
76.3%