Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:0216
HistoryJan 16, 2024 - 2:13 p.m.

(RHSA-2024:0216) Moderate: Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) security update

2024-01-1614:13:13
access.redhat.com
14
red hat openstack
security update
python library
cve-2022-38060
sudo privilege escalation
tripleo.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0

Percentile

12.9%

JSON

This update affects a Python library for code used by TripleO projects.

Security Fix(es):

  • sudo privilege escalation vulnerability (CVE-2022-38060)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9noarchopenstack-tripleo-common-devtools< 15.4.1-17.1.20230927010819.el9ostopenstack-tripleo-common-devtools-15.4.1-17.1.20230927010819.el9ost.noarch.rpm
RedHat9noarchpython3-tripleo-common< 15.4.1-17.1.20230927010819.el9ostpython3-tripleo-common-15.4.1-17.1.20230927010819.el9ost.noarch.rpm
RedHat9noarchopenstack-tripleo-common-container-base< 15.4.1-17.1.20230927010819.el9ostopenstack-tripleo-common-container-base-15.4.1-17.1.20230927010819.el9ost.noarch.rpm
RedHat9noarchopenstack-tripleo-common< 15.4.1-17.1.20230927010819.el9ostopenstack-tripleo-common-15.4.1-17.1.20230927010819.el9ost.noarch.rpm
RedHat9noarchopenstack-tripleo-common-containers< 15.4.1-17.1.20230927010819.el9ostopenstack-tripleo-common-containers-15.4.1-17.1.20230927010819.el9ost.noarch.rpm

Related

nessus 2
cvelist 1
prion 1
cve 1
redhat 1
redhatcve 2
talos 1
nvd 1
nessus
nessus
RHEL 8 : Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) (RHSA-2024:0191)
2024-04-28 00:00:00
RHEL 9 : Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) (RHSA-2024:0216)
2024-01-16 00:00:00
cvelist
cvelist
CVE-2022-38060
2022-12-21 00:00:00
prion
prion
Privilege escalation
2022-12-21 11:15:00
cve
cve
CVE-2022-38060
2022-12-21 11:15:09
redhat
redhat
(RHSA-2024:0191) Moderate: Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) security update
2024-01-16 14:14:12
redhatcve
redhatcve
CVE-2022-38060
2023-08-28 15:49:17
CVE-2023-3976
2024-02-21 15:02:30
talos
talos
OpenStack Kolla sudo privilege escalation vulnerability
2022-12-20 00:00:00
nvd
nvd
CVE-2022-38060
2022-12-21 11:15:09

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0

Percentile

12.9%

JSON
Related for RHSA-2024:0216
nessus2cvelist1prion1cve1redhat1redhatcve2talos1nvd1