Lucene search
K

209 matches found

RedhatCVE
RedhatCVE
added 2022/09/22 8:48 p.m.28 views

CVE-2022-3277

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...

4.3CVSS6.4AI score0.01056EPSS
Exploits0References4
CNVD
CNVD
added 2022/05/26 12:0 a.m.18 views

Open Automation Software OAS Platform访问控制错误漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. An access control error vulnerability exists in Open Automation Software OAS Platform version V16.00.0112, which stems from an external configuration control issue with the OAS...

7.5CVSS2.4AI score0.01208EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/05/25 12:0 a.m.4 views

Open Automation Software OAS Platform 访问控制错误漏洞

Open Automation Software OAS Platform is an industrial Internet of Things IoT suite from Open Automation Software, Inc. An access control error vulnerability exists in Open Automation Software OAS Platform version V16.00.0112, which stems from an external configuration control issue with the OAS...

7.5CVSS5.6AI score0.01208EPSS
Exploits1References5
OSV
OSV
added 2022/05/17 4:58 a.m.5 views

GHSA-27Q4-38QF-M25H OpenStack Compute Nova Improper Access Control

The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...

6.4CVSS6.5AI score0.01808EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/05/17 4:58 a.m.32 views

OpenStack Compute Nova Improper Access Control

The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...

6.4CVSS7.3AI score0.01808EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 3:52 a.m.30 views

OpenStack Neutron Race condition vulnerability

Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...

3.5CVSS7AI score0.00963EPSS
Exploits0References12Affected Software1
OSV
OSV
added 2022/05/17 1:45 a.m.3 views

GHSA-46R8-9CJ7-PW6G OpenStack Compute (Nova) Improper Input Validation

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

4.3CVSS6.5AI score0.02626EPSS
Exploits1References10
Github Security Blog
Github Security Blog
added 2022/05/17 1:45 a.m.21 views

OpenStack Compute (Nova) Improper Input Validation

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

4.3CVSS7.3AI score0.02626EPSS
Exploits1References10Affected Software1
OSV
OSV
added 2022/05/14 1:59 a.m.10 views

GHSA-PH2H-HH49-VH27 OpenStack Nova Denial of Service in network source security groups

Algorithmic complexity vulnerability in OpenStack Compute Nova before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service nova-network consumption via a large number of...

4CVSS6AI score0.02087EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2022/05/13 1:7 a.m.26 views

OpenStack Neutron's unsupported dport option prevents applying security groups

An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option for example, VRRP, an...

6.5CVSS6.5AI score0.03635EPSS
Exploits1References14Affected Software1
OSV
OSV
added 2022/05/13 1:7 a.m.21 views

GHSA-HVXR-2FVV-C3WQ OpenStack Neutron Race Condition vulnerability

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

5.9CVSS5.4AI score0.01847EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2022/05/13 1:7 a.m.21 views

OpenStack Neutron Race Condition vulnerability

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

5.9CVSS2.8AI score0.01847EPSS
Exploits0References12Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2021/06/22 1:0 p.m.45 views

Automated remediation level 2: Best practices

A low-impact workaround When it comes to automating remediation, the second level we’ll discuss takes a bit of additional planning. This is so that users will see little to no impact in the account fundamentals automation process. This framework aligns with the Center for Internet Security Amazon...

0.5AI score
Exploits0
Hacker One
Hacker One
added 2021/06/19 10:14 p.m.30 views

Kubernetes: AWS Load Balancer Controller can be used by an attacker to modify rules of any Security Group that they are able to tag

Report Submission Form Summary: The IAM Policy of AWS Load Balancer Controller allows it to modify rules of any SG on the AWS Account. This is legitimately used to manage Security Groups created by the controller when an Ingress resource doesn’t explicit a SG. Annotations can be added to the...

0.2AI score
Exploits0
Hacker One
Hacker One
added 2021/06/19 5:28 a.m.28 views

Kubernetes: AWS Load Balancer Controller Managed Security Groups can be replaced by an unprivileged attacker

Report Submission Form Summary: When creating an Ingress of class alb, by default, AWS Load Balancer Controller creates a managed SG and attaches it to the created ALB. This SG limits which ports of the ALB are accessible by whom. An attacker is able to craft another SG that can be used to trick...

7.3AI score
Exploits0
Virtuozzo
Virtuozzo
added 2021/04/19 12:0 a.m.23 views

Virtuozzo Hybrid Infrastructure 4.5 Update 1 Hotfix 2 (4.5.1-34)

This update provides fixes for the admin and self-service panels. Vulnerability id: VSTOR-42074 Unable to add a network interface to an existing VM in the self-service panel. Vulnerability id: VSTOR-42954 Added a message about disabling security groups for a VM network interface. Vulnerability id...

1.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2021/03/20 8:50 p.m.26 views

CVE-2017-7543

A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an...

5.9CVSS1.2AI score0.01847EPSS
Exploits0References1
OSV
OSV
added 2021/02/19 8:15 a.m.3 views

CVE-2021-3339

ModernFlow before 1.3.00.208 does not constrain web-page access to members of a security group, as demonstrated by the Search Screen and the Profile Screen...

4.3CVSS5.8AI score0.0195EPSS
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2020/10/07 4:0 p.m.314 views

Best practices for defending Azure Virtual Machines

One of the things that our Detection and Response Team DART and Customer Service and Support CSS security teams see frequently during investigation of customer incidents are attacks on virtual machines from the internet. This is one area in the cloud security shared responsibility model where...

10CVSS10AI score0.99999EPSS
Exploits123
Kitploit
Kitploit
added 2020/09/07 8:30 p.m.42 views

PurpleCloud - An Infrastructure As Code (IaC) Deployment Of A Small Active Directory Pentest Lab In The Cloud

Pentest Cyber Range for a small Active Directory Domain. Automated templates for building your own Pentest/Red Team/Cyber Range in the Azure cloud! Purple Cloud is a small Active Directory enterprise deployment automated with Terraform / Ansible Playbook templates to be deployed in Azure. Purple...

7.4AI score
Exploits0References5
Rows per page
Query Builder