17 matches found
EUVD-2019-0097
Malware in sbrugna...
RHSA-2019:1728 Red Hat Security Advisory: python-novajoin security and bug fix update
Bulletin has no description...
RHEL 7 : python-novajoin (RHSA-2019:1728)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1728 advisory. This Python package provides a dynamic vendordata plugin for the OpenStack nova metadata service to manage host instantiation in an IPA server...
Improper Access Control in novajoin
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
GHSA-XF8C-3CGX-FCWM Improper Access Control in novajoin
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
CVE-2019-10138
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
CVE-2019-10138
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
Design/Logic Flaw
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
PYSEC-2019-192
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
PYSEC-2019-192
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
CVE-2019-10138
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
CVE-2019-10138
The CVE-2019-10138 issue affects the python-novajoin plugin used by Red Hat OpenStack Platform (all versions up to 1.1.1). The root cause is insufficient access control in the novajoin API, enabling any keystone-authenticated user to generate FreeIPA tokens. This leads to unauthorized token gener...
python-novajoin: novajoin API lacks access control
A flaw was discovered in the python-novajoin plugin for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
python-novajoin Access Control Error Vulnerability
python-novajoin is a Python package that provides a dynamic vendordata plugin for the OpenStack nova metadata service, which is primarily used to manage host instantiation in IPA servers. An access control error vulnerability exists in python-novajoin. The vulnerability stems from a network syste...
Insecure Access Controls
novajoin uses insecure access controls. The lack of access controls allows an attacker to generate tokens from authenticated users to gain access to HTTP calls to the API...
CVE-2019-10138
A flaw was discovered in the python-novajoin plugin for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
python-novajoin: novajoin API lacks access control
A flaw was discovered in the python-novajoin plugin for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...