(RHSA-2020:2729) Moderate: openstack-manila and openstack-manila security update

2020-06-2412:05:00

access.redhat.com

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

EPSS

0.002

Percentile

53.5%

JSON

OpenStack Shared Filesystem Service (Manila) provides services to manage
network filesystems for use by Virtual Machine instances.

Security Fix(es):

User with share-network UUID is able to show create and delete shares
(CVE-2020-9543)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchopenstack-manila< 6.3.2-3.el7ostopenstack-manila-6.3.2-3.el7ost.noarch.rpm
RedHat7noarchpython-manila-tests< 6.3.2-3.el7ostpython-manila-tests-6.3.2-3.el7ost.noarch.rpm
RedHat7noarchopenstack-manila-share< 6.3.2-3.el7ostopenstack-manila-share-6.3.2-3.el7ost.noarch.rpm
RedHat7noarchpython-manila< 6.3.2-3.el7ostpython-manila-6.3.2-3.el7ost.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	openstack-manila	< 6.3.2-3.el7ost	openstack-manila-6.3.2-3.el7ost.noarch.rpm
RedHat	7	noarch	python-manila-tests	< 6.3.2-3.el7ost	python-manila-tests-6.3.2-3.el7ost.noarch.rpm
RedHat	7	noarch	openstack-manila-share	< 6.3.2-3.el7ost	openstack-manila-share-6.3.2-3.el7ost.noarch.rpm
RedHat	7	noarch	python-manila	< 6.3.2-3.el7ost	python-manila-6.3.2-3.el7ost.noarch.rpm