Lucene search
K

92 matches found

OSV
OSV
added 2024/09/13 3:10 p.m.18 views

RHSA-2019:0567 Red Hat Security Advisory: openstack-octavia security and bug fix update

Bulletin has no description...

5.5CVSS7.4AI score0.00878EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2024/05/22 8:41 p.m.43 views

Moderate: Red Hat Security Advisory: openstack-tripleo-heat-templates and tripleo-ansible update

An update for openstack-tripleo-heat-templates and tripleo-ansible is now available for Red Hat OpenStack Platform 17.1 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

5.5CVSS6.6AI score0.00203EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.22 views

RHEL 7 : openstack-octavia (RHSA-2019:3743)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3743 advisory. The OpenStack Load Balancing service openstack-octavia provides a Load Balancing-as-a-Service LBaaS version 2 implementation for Red Hat OpenStack...

9.1CVSS7AI score0.02296EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.13 views

RHEL 7 : openstack-octavia (RHSA-2019:0593)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0593 advisory. The OpenStack Load Balancing service openstack-octavia provides a Load Balancing-as-a-Service LBaaS version 2 implementation for Red Hat OpenStack...

7.5CVSS6.6AI score0.00878EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.17 views

RHEL 7 : openstack-octavia (RHSA-2019:3788)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3788 advisory. The OpenStack Load Balancing service openstack-octavia provides a Load Balancing-as-a-Service LBaaS version 2 implementation for Red Hat OpenStack...

9.1CVSS7AI score0.02296EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.15 views

RHEL 7 : openstack-octavia (RHSA-2019:0567)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0567 advisory. The OpenStack Load Balancing service openstack-octavia provides a Load Balancing-as-a-Service LBaaS version 2 implementation for Red Hat OpenStack...

7.5CVSS6.6AI score0.00878EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.2 views

SUSE CVE-2018-16856

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowi...

7.5CVSS6.8AI score0.00878EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.5 views

SUSE CVE-2019-17134

Amphora Images in OpenStack Octavia =0.10.0 =3.0.0 =4.0.0 4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the...

6.5CVSS7.2AI score0.02296EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.21 views

RHEL 8 : openstack-octavia (RHSA-2020:0721)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0721 advisory. The OpenStack Load Balancing service openstack-octavia provides a Load Balancing-as-a-Service LBaaS version 2 implementation for Red Hat OpenStack...

9.1CVSS7AI score0.02296EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2022/08/27 12:0 a.m.20 views

a10-octavia (>=1.0.0 <=2.2.0) potentially affected by CVE-2021-3563 via keystone (>=15.0.1 <=18.0.0)

keystone PYPI version =15.0.1, =1.0.0, =2.2.0 Source cves: CVE-2021-3563 Source advisory: OSV:GHSA-CC99-WHM5-MMQ3...

7.4CVSS6.8AI score0.01319EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/24 7:10 p.m.25 views

a10-octavia (>=2.0.0 <=2.2.0) potentially affected by CVE-2021-38155 via keystone (=18.0.0)

keystone PYPI version =18.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on keystone and may be impacted: - a10-octavia =2.0.0, =2.2.0 Source cves: CVE-2021-38155 Source advisory: OSV:GHSA-4225-97PR-RR52...

7.5CVSS6.6AI score0.02457EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/05/24 7:10 p.m.10 views

a10-octavia (>=1.0.0 <=1.3.3) potentially affected by CVE-2021-38155 via keystone (=15.0.1)

keystone PYPI version =15.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on keystone and may be impacted: - a10-octavia =1.0.0, =1.3.3 Source cves: CVE-2021-38155 Source advisory: OSV:GHSA-4225-97PR-RR52...

7.5CVSS6.6AI score0.02457EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/05/24 4:58 p.m.28 views

OpenStack Octavia Amphora-Agent not requiring Client-Certificate

Amphora Images in OpenStack Octavia =0.10.0 =3.0.0 =4.0.0 4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the...

9.1CVSS7.4AI score0.02296EPSS
Exploits0References16Affected Software1
OSV
OSV
added 2022/05/24 4:58 p.m.10 views

GHSA-R4V4-3JJ7-JC29 OpenStack Octavia Amphora-Agent not requiring Client-Certificate

Amphora Images in OpenStack Octavia =0.10.0 =3.0.0 =4.0.0 4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the...

9.1CVSS9.4AI score0.02296EPSS
Exploits0References16
Github Security Blog
Github Security Blog
added 2022/05/24 4:47 p.m.30 views

Openstack Octavia Access Control Vulnerability

Description An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if...

8CVSS6.9AI score0.01421EPSS
Exploits0References12Affected Software1
OSV
OSV
added 2022/05/24 4:47 p.m.19 views

GHSA-JJGH-M322-FJX6 Openstack Octavia Access Control Vulnerability

Description An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if...

5.5CVSS7.6AI score0.01421EPSS
Exploits0References12
vulnersOsv
vulnersOsv
added 2022/05/17 5:22 a.m.7 views

a10-octavia (>=1.0.0 <=2.2.0) potentially affected by CVE-2012-3542 via keystone (>=15.0.1 <=18.0.0)

keystone PYPI version =15.0.1, =1.0.0, =2.2.0 Source cves: CVE-2012-3542 Source advisory: OSV:GHSA-GF2Q-J2QQ-PJF2...

4.3CVSS5.8AI score0.0248EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/17 1:42 a.m.4 views

a10-octavia (>=1.0.0 <=2.2.0) potentially affected by CVE-2012-4413 via keystone (>=15.0.1 <=18.0.0)

keystone PYPI version =15.0.1, =1.0.0, =2.2.0 Source cves: CVE-2012-4413 Source advisory: OSV:GHSA-MRXV-65RV-6HXQ...

4CVSS5.8AI score0.01881EPSS
Exploits0
OSV
OSV
added 2022/05/13 1:7 a.m.6 views

GHSA-QCJ3-H27M-MP9X Openstack Octavia allows Insertion of Sensitive Information into Log File

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowi...

8.7CVSS7.4AI score0.00878EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/13 1:7 a.m.32 views

Openstack Octavia allows Insertion of Sensitive Information into Log File

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowi...

7.5CVSS6.5AI score0.00878EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder