SUSE-RU-2021:0351-1 Recommended update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark

This update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark fixes the following issues: Security fix from this update:...

Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Huawei EulerOS: Security Advisory for ceph (EulerOS-SA-2021-1136)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : ceph (EulerOS-SA-2021-1136)

According to the versions of the ceph packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Ope...

Huawei FusionSphere OpenStack Detection Consolidation

Consolidation of Huawei FusionSphere OpenStack detections. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Huawei FusionSphere OpenStack Detection (SSH Login)

SSH login-based detection of Huawei FusionSphere OpenStack. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Privilege Escalation

ceph is vulnerable to privilege escalation. The vulnerability exists as user credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila...

SUSE-SU-2021:0099-1 Security update for openstack-dashboard, release-notes-suse-openstack-cloud

This update for openstack-dashboard, release-notes-suse-openstack-cloud fixes the following issues: - Fix open redirect OSSA-2020-008, CVE-2020-29565 - Fix horizon-nodejs jobs. - Add workaround for secure boot issue when shim package is updated. bsc1179955...

ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila

User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface...

Ubuntu: Security Advisory (USN-4675-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4675-1: OpenStack Horizon vulnerability

Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL...

USN-4675-1 horizon vulnerability

Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : OpenStack Horizon vulnerability (USN-4675-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4675-1 advisory. Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to caus...

Debian DSA-4820-1 : horizon - security update

Pritam Singh discovered an open redirect in the workflow forms of OpenStack Horizon. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4820. The text itself is copyright C Software in the Public Interest, Inc...

Debian: Security Advisory (DSA-4820-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4820-1] horizon security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4820-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2020 https://www.debian.org/security/faq -...

CVE-2020-27781

User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface...

DEBIAN-CVE-2020-27781

User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface...

CVE-2020-27781

User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface...

Privilege escalation

User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface...