Lucene search
Redhat.comRH:CVE-2020-9543HistoryMar 11, 2020 - 6:10 a.m.
CVE-2020-9543
2020-03-1106:10:49
redhat.com
access.redhat.com
8
EPSS
0.002
Percentile
53.5%
An access flaw was found in openstack-manila, where the API did not validate the user/project on commands. A malicious user having the UUID of a share-network could view, update, delete, or share resources that did not belong to them. Attackers could also create resources on shared networks (for example, shared file systems or groups of shares).
Mitigation
There is no known mitigation for this issue, the flaw can only be resolved by applying updates.
Related
nessus
nessus
RHEL 7 : openstack-manila and openstack-manila (RHSA-2020:2729)
2020-06-24 00:00:00
RHEL 8 : openstack-manila (RHSA-2020:1326)
2020-04-07 00:00:00
RHEL 8 : openstack-manila (RHSA-2020:2165)
2020-05-14 00:00:00
osv
osv
PYSEC-2020-63
2020-03-12 17:15:00
CVE-2020-9543
2020-03-12 17:15:11
github
github
debiancve
debiancve
CVE-2020-9543
2020-03-12 17:15:11
cvelist
cvelist
CVE-2020-9543
2020-03-12 16:40:20
ubuntucve
ubuntucve
CVE-2020-9543
2020-03-10 00:00:00
prion
prion
Code injection
2020-03-12 17:15:00
redhat
redhat
(RHSA-2020:1326) Moderate: openstack-manila security update
2020-04-06 08:40:55
(RHSA-2020:2165) Moderate: openstack-manila security update
2020-05-14 10:06:40
nvd
nvd
CVE-2020-9543
2020-03-12 17:15:11
cve
cve
CVE-2020-9543
2020-03-12 17:15:11