Lucene search
K

73 matches found

BDU FSTEC
BDU FSTEC
added 2020/06/10 12:0 a.m.6 views

The vulnerability of the software for general access to openstack-manila files, related to errors in using standard permissions, allows a perpetrator to gain unauthorized access to common files.

The vulnerability of the openstack-manila software for general access to files is related to errors in the use of standard permissions. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to common files, provided that the value of the UUID...

9.7CVSS7.3AI score0.01153EPSS
Exploits1References8Affected Software3
RedHat Linux
RedHat Linux
added 2020/05/14 12:8 p.m.4 views

openstack-manila: User with share-network UUID is able to show, create and delete shares

An access flaw was found in openstack-manila, where the API did not validate the user/project on commands. A malicious user having the UUID of a share-network could view, update, delete, or share resources that did not belong to them. Attackers could also create resources on shared networks for...

8.3CVSS7.3AI score0.01153EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/05/14 12:8 p.m.56 views

Moderate: Red Hat Security Advisory: openstack-manila security update

An update for openstack-manila is now available for Red Hat OpenStack Platform 16 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.3CVSS7.2AI score0.01153EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/05/14 12:0 a.m.17 views

RHEL 8 : openstack-manila (RHSA-2020:2165)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2165 advisory. OpenStack Shared Filesystem Service Manila provides services to manage network filesystems for use by Virtual Machine instances. Security Fixes: User...

8.3CVSS7.7AI score0.01153EPSS
Exploits1References6
OSV
OSV
added 2020/04/22 12:41 p.m.7 views

SUSE-SU-2020:1066-1 Security update for ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp, rubygem-puma, zookeeper

This update for ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp...

8.8CVSS8.1AI score0.73654EPSS
Exploits3References33
Tenable Nessus
Tenable Nessus
added 2020/04/07 12:0 a.m.20 views

RHEL 8 : openstack-manila (RHSA-2020:1326)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1326 advisory. OpenStack Shared Filesystem Service Manila provides services to manage network filesystems for use by Virtual Machine instances. Security Fixes: User...

8.3CVSS7.7AI score0.01153EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/04/06 9:3 a.m.3 views

openstack-manila: User with share-network UUID is able to show, create and delete shares

An access flaw was found in openstack-manila, where the API did not validate the user/project on commands. A malicious user having the UUID of a share-network could view, update, delete, or share resources that did not belong to them. Attackers could also create resources on shared networks for...

8.3CVSS7.3AI score0.01153EPSS
Exploits1References5
CNVD
CNVD
added 2020/03/25 12:0 a.m.2 views

OpenStack Manila Override Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA and Rackspace, Inc. in the United States. A security vulnerability exists in OpenStack Manila versions prior to 7.4.1, 8.0.0 through 8.1.1, and 9.0.0 through 9.1.1. An attacker cou...

8.3CVSS8.7AI score0.01153EPSS
Exploits1References1
NVD
NVD
added 2020/03/12 5:15 p.m.34 views

CVE-2020-9543

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.3CVSS8.2AI score0.01153EPSS
Exploits1References3
OSV
OSV
added 2020/03/12 5:15 p.m.4 views

DEBIAN-CVE-2020-9543

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.3CVSS7.8AI score0.01153EPSS
Exploits1References1
OSV
OSV
added 2020/03/12 5:15 p.m.16 views

CVE-2020-9543

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.3CVSS8.2AI score
Exploits0References3
Prion
Prion
added 2020/03/12 5:15 p.m.12 views

Code injection

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

6.5CVSS8.1AI score0.01153EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2020/03/12 5:15 p.m.5 views

PYSEC-2020-63

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.3CVSS6.9AI score0.01153EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/03/12 5:15 p.m.36 views

PYSEC-2020-63

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.3CVSS4.6AI score0.01153EPSS
Exploits1References4
Cvelist
Cvelist
added 2020/03/12 4:40 p.m.35 views

CVE-2020-9543

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.2AI score0.01153EPSS
Exploits1References3
CVE
CVE
added 2020/03/12 4:40 p.m.96 views

CVE-2020-9543

CVE-2020-9543 affects OpenStack Manila (versions listed in the OpenStack Manila advisories). The issue arises from a context-free lookup of a UUID, allowing unprivileged attackers to view, update, delete, or share resources that do not belong to them, and potentially create resources such as shar...

8.3CVSS8AI score0.01153EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2020/03/12 4:40 p.m.22 views

CVE-2020-9543

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.3CVSS7.8AI score0.01153EPSS
Exploits1
OSV
OSV
added 2020/03/12 4:0 p.m.7 views

SUSE-SU-2020:0660-1 Security update for openstack-manila

This update for openstack-manila fixes the following issues: - CVE-2020-9543: Fixed an issue where other project users to view, update, delete, or share resources that do not belong to them, due to a context-free lookup of a UUID bsc1165643...

8.3CVSS8.1AI score0.01153EPSS
Exploits1References3
OSV
OSV
added 2020/03/12 3:59 p.m.5 views

SUSE-SU-2020:0659-1 Security update for openstack-manila

This update for openstack-manila fixes the following issues: - CVE-2020-9543: Fixed an issue where other project users to view, update, delete, or share resources that do not belong to them, due to a context-free lookup of a UUID bsc1165643...

8.3CVSS8.1AI score0.01153EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2020/03/11 6:10 a.m.15 views

CVE-2020-9543

An access flaw was found in openstack-manila, where the API did not validate the user/project on commands. A malicious user having the UUID of a share-network could view, update, delete, or share resources that did not belong to them. Attackers could also create resources on shared networks for...

8.3CVSS3.1AI score0.01153EPSS
Exploits1References4
Rows per page
Query Builder