7821 matches found

RedHat Linux
added 2020/06/24 12:43 p.m. | 51 views

Important: Red Hat Security Advisory: openstack-keystone security update

An update for openstack-keystone is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 8.8 | AI score 6.7 | EPSS 0.04918
Exploits: 0 | References: 5

RedHat Linux
added 2020/06/24 12:24 p.m. | 37 views

Moderate: Red Hat Security Advisory: openstack-manila and openstack-manila security update

An update for openstack-manila and openstack-manila is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.3 | AI score 7.2 | EPSS 0.01153
Exploits: 1 | References: 3

RedHat Linux
added 2020/06/24 12:24 p.m. | 2 views

openstack-manila: User with share-network UUID is able to show, create and delete shares

An access flaw was found in openstack-manila, where the API did not validate the user/project on commands. A malicious user having the UUID of a share-network could view, update, delete, or share resources that did not belong to them. Attackers could also create resources on shared networks for...

CVSS 8.3 | AI score 7.3 | EPSS 0.01153
Exploits: 1 | References: 5

Veracode
added 2020/06/24 5:7 a.m. | 25 views

Privilege Escalation

openstack keystone is vulnerable to privilege escalation. The library does not properly enforce the role parameters associated to an OAuth1 access token. A keystone token containing every role assignment is assigned to a low-privileged user, granting the user more access than required...

CVSS 8.8 | AI score 5.8 | EPSS 0.01896
Exploits: 0 | References: 8 | Affected Software: 3

Tenable Nessus
added 2020/06/24 12:0 a.m. | 19 views

RHEL 7 : openstack-manila and openstack-manila (RHSA-2020:2729)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2729 advisory. OpenStack Shared Filesystem Service Manila provides services to manage network filesystems for use by Virtual Machine instances. OpenStack Shared...

CVSS 8.3 | AI score 7.7 | EPSS 0.01153
Exploits: 1 | References: 6

Tenable Nessus
added 2020/06/24 12:0 a.m. | 35 views

RHEL 7 : openstack-keystone (RHSA-2020:2732)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2732 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

CVSS 8.8 | AI score 7 | EPSS 0.04918
Exploits: 0 | References: 9

RedhatCVE
added 2020/06/23 3:55 p.m. | 30 views

CVE-2017-8761

A flaw was found in openstack-swift, where the proxy server logs valid temporary URLs, that might be used to gain access to data by anyone with access to the logfiles. This is especially important with tempurls that are valid for extended periods or when using central logging servers, accessed by...

CVSS 4 | AI score 2.8 | EPSS 0.00789
Exploits: 0 | References: 4

IBM Security Bulletins
added 2020/06/22 5:3 a.m. | 21 views

Security Bulletin: PowerVC is impacted by an Openstack Nova vulnerability which could leak consoleauth tokens into log files (CVE-2015-9543)

Summary An issue discovered in Openstack Nova can leak consoleauth tokens into log files which can be used by an attacker with access to service's log files to gain additional access in to the Openstack based deployment. Vulnerability Details CVEID: CVE-2015-9543 DESCRIPTION: OpenStack Nova could...

CVSS 3.3 | AI score 1 | EPSS 0.00407
Exploits: 0 | Affected Software: 1

CNVD
added 2020/06/19 12:0 a.m. | 9 views

Huawei FusionSphere OpenStack Incorrect Privilege Management Vulnerability

Huawei FusionSphere OpenStack is an OpenStack-based cloud operating system from Huawei, China. A security vulnerability exists in Huawei FusionSphere OpenStack version 6.5.1, which stems from the program failing to properly assign privileges. An attacker could exploit the vulnerability to perform...

CVSS 7.8 | AI score 6.7 | EPSS 0.00197
Exploits: 0 | References: 1

BDU FSTEC
added 2020/06/19 12:0 a.m. | 3 views

The vulnerability of the automated cloud computing platform SUSE OpenStack Cloud, related to insecure privilege management, allows a hacker to escalate their privileges.

The vulnerability of the automated cloud computing platform SUSE OpenStack Cloud lies in the insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 7.8 | AI score 7 | EPSS 0.00304
Exploits: 0 | References: 3 | Affected Software: 1

NVD
added 2020/06/18 2:15 p.m. | 18 views

CVE-2020-9225

FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege...

CVSS 7.8 | EPSS 0.00197
Exploits: 0 | References: 1

OSV
added 2020/06/18 2:15 p.m. | 5 views

CVE-2020-9225

FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege...

CVSS 7.8 | AI score 7.1 | EPSS 0.00197
Exploits: 0 | References: 1

Prion
added 2020/06/18 2:15 p.m. | 24 views

Design/Logic Flaw

FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege...

CVSS 4.6 | AI score 7.5 | EPSS 0.00197
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2020/06/18 1:54 p.m. | 54 views

CVE-2020-9225

CVE-2020-9225 affects Huawei FusionSphere OpenStack 6.5.1, involving improper privilege management where privilege assignment is not performed correctly, enabling a user to perform operations beyond their privileges. The issue is tied to the FusionSphere/OpenStack component and is described acros...

CVSS 7.8 | AI score 7.5 | EPSS 0.00197
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2020/06/18 1:54 p.m. | 21 views

CVE-2020-9225

FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege...

AI score 7.6 | EPSS 0.00197
Exploits: 0 | References: 1

Tenable Nessus
added 2020/06/18 12:0 a.m. | 20 views

SUSE SLES12 Security Update : krb5-appl (SUSE-SU-2020:1533-1)

This update for krb5-appl fixes the following issues : CVE-2020-10188: Fixed a remote root execution bsc1165787. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as...

CVSS 10 | AI score 7.7 | EPSS 0.74513
Exploits: 2 | References: 4

NVD
added 2020/06/15 3:15 p.m. | 32 views

CVE-2018-16848

A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service...

CVSS 6.5 | EPSS 0.01176
Exploits: 0 | References: 2

OSV
added 2020/06/15 3:15 p.m. | 23 views

CVE-2018-16848

A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service...

CVSS 6.5 | AI score 6.3
Exploits: 0 | References: 2

OSV
added 2020/06/15 3:15 p.m. | 1 views

DEBIAN-CVE-2018-16848

A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service...

CVSS 6.5 | AI score 6.7 | EPSS 0.01176
Exploits: 0 | References: 1

Prion
added 2020/06/15 3:15 p.m. | 17 views

Design/Logic Flaw

A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service...

CVSS 4 | AI score 6.3 | EPSS 0.01176
Exploits: 0 | References: 2 | Affected Software: 1