7821 matches found
CVE-2020-9079
FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to conduct directed attacks against the affected product...
CVE-2020-9079
FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to conduct directed attacks against the affected product...
Design/Logic Flaw
FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to conduct directed attacks against the affected product...
CVE-2020-9079
FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to conduct directed attacks against the affected product...
CVE-2020-9079
Huawei FusionSphere OpenStack 8.0.0 has a protection mechanism failure vulnerability (CVE-2020-9079) due to incorrect use of a protection mechanism. The NVD entry lists a high impact (CVSSv3.1 base score 8.8) with adjacent access, no privileges required, and high impacts to confidentiality, integ...
RHEL 8 : python-paunch and openstack-tripleo-heat-templates (RHSA-2020:3406)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3406 advisory. Library and utility to launch and manage containers using YAML based configuration data. openstack-tripleo-heat-templates is a collection of OpenStac...
RHEL 8 : python-paunch and openstack-tripleo-heat-templates (RHSA-2020:3410)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:3410 advisory. Library and utility to launch and manage containers using YAML based configuration data. openstack-tripleo-heat-templates is a collection of OpenStac...
SUSE-RU-2020:2161-1 Security update for ansible1, ardana-ansible, ardana-cobbler, ardana-glance, ardana-input-model, ardana-logging, ardana-manila, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-openstack, grafana, kibana, openstack-barbican, openstack-ceilometer, openstack-cinder, openstack-dashboard, openstack-designate, openstack-heat-templates, openstack-ironic, openstack-keystone, openstack-magnum, openstack-manila, openstack-monasca-agent, openstack-neutron, openstack-neutron-vsphere, openstack-nova, openstack-octavia, openstack-octavia-amphora-image, openstack-resource-agents, python-Django1, python-Pillow, python-ardana-packager, python-heatclient, python-neutron-tempest-plugin, python-octavia-tempest-plugin, python-os-brick, python-oslo.messaging, python-pyroute2, python-urllib3, python-waitress, release-notes-suse-openstack-cloud, rubygem-activeresource, rubygem-json-1_7, rubygem-puma
This update for ansible1, ardana-ansible, ardana-cobbler, ardana-glance, ardana-input-model, ardana-logging, ardana-manila, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-openstack, grafana, kibana, openstack-barbican, openstack-ceilometer,...
Huawei FusionSphere OpenStack Protection Mechanism Failure Vulnerability
Huawei FusionSphere OpenStack is an OpenStack-based cloud operating system from Huawei, China. A security vulnerability exists in Huawei FusionSphere OpenStack version 8.0.0, which stems from the program incorrectly using a protection mechanism. An attacker could exploit the vulnerability to...
CVE-2020-10731
A flaw was found in the novalibvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines...
Design/Logic Flaw
A flaw was found in the novalibvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines...
CVE-2020-10731
A flaw was found in the novalibvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines...
CVE-2020-10731
Summary: CVE-2020-10731 affects the nova_libvirt container in Red Hat OpenStack Platform 16, where SELinux is not enabled, which disables sVirt isolation for running VMs. The issue is described across multiple sources as eliminating sVirt protection due to disabled SELinux. Public technical detai...
openstack-tripleo-heat-templates: No sVirt protection for OSP16 VMs due to disabled SELinux
A flaw was found in the novalibvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines...
Important: Red Hat Security Advisory: openstack-tripleo-heat-templates security update
An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Rocky Enterprise Software Foundation OpenStack Platform 16.1 bug fix and enhancement advisory
An update is available for python-gflags, python-oauth2client, google-api-python-client, python-httplib2, python-uritemplate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RHEL 8 : openstack-tripleo-heat-templates (RHSA-2020:3199)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:3199 advisory. openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools codename heat, which can be used to help deploy...
CVE-2020-10731
A flaw was found in the novalibvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines...
openstack-keystone: Credentials endpoint policy logic allows changing credential owner and target project ID
A vulnerability was found in Keystone's EC2 credentials API. This flaw allows any authenticated user to create an EC2 credential for themselves for a project that they have a specified role, and then perform an update to the credential user and project, allowing them to masquerade as another user...
Important: Red Hat Security Advisory: openstack-keystone security update
An update for openstack-keystone is now available for Red Hat OpenStack Platform 16 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...