CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2024/05/22 12:0 a.m.•15 views

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-glance-store) (RHSA-2024:2732)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2732 advisory. OpenStack image service store library Security Fixes: Glance Store access key logged in DEBUG log level CVE-2024-1141 For more details about the...

5.5CVSS5.7AI score0.00035EPSS

NVD•added 2024/05/14 3:45 p.m.•7 views

CVE-2024-4840

An flaw was found in the OpenStack Platform RHOSP director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs...

5.5CVSS5.3AI score0.00015EPSS

CNNVD•added 2024/05/14 12:0 a.m.•2 views

Red Hat OpenStack Platform 安全漏洞

Red Hat OpenStack Platform is a cloud computing management platform from Red Hat, an American company. A security vulnerability exists in Red Hat OpenStack Platform that stems from the possibility that plaintext passwords could be stored in log files, potentially exposing sensitive information to...

5.5CVSS5.3AI score0.00015EPSS

Cvelist•added 2024/05/13 10:16 p.m.•16 views

CVE-2024-4840 Rhosp-director: cleartext passwords exposed in logs

5.5CVSS5.5AI score0.00015EPSS

Vulnrichment•added 2024/05/13 10:16 p.m.•11 views

CVE-2024-4840 Rhosp-director: cleartext passwords exposed in logs

5.5CVSS6.3AI score0.00015EPSS

CVE•added 2024/05/13 10:16 p.m.•56 views

CVE-2024-4840

CVE-2024-4840 affects OpenStack Platform (RHOSP) director components, where plaintext passwords can be stored in log files if logging is enabled. The vulnerability is linked to the RHOSP 17.1.4 security update (RHSA-2024:9978) and related heat-templates components, which provides the patch to add...

5.5CVSS6.1AI score0.00015EPSS

Positive Technologies•added 2024/05/13 12:0 a.m.•3 views

PT-2024-33096 · Red Hat · Openstack Platform Director

Name of the Vulnerable Software and Affected Versions: OpenStack Platform RHOSP director affected versions not specified Description: A flaw in the OpenStack Platform director allows plaintext passwords to be stored in log files. This can expose sensitive information to anyone with access to the...

5.5CVSS6.4AI score0.00015EPSS

Tenable Nessus•added 2024/05/11 12:0 a.m.•23 views

RHEL 6 : openstack-neutron (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openstack-neutron: MAC source address spoofing vulnerability CVE-2016-5363 - The IPTables firewall in...

8.5AI score0.0631EPSS

Exploits0References2

Tenable Nessus•added 2024/05/11 12:0 a.m.•25 views

RHEL 6 : openstack-glance (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openstack-glance: API v1 copyfrom reveals network details CVE-2017-7200 - A vulnerability was found in...

7.6AI score0.00535EPSS

Exploits0References2

Tenable Nessus•added 2024/05/11 12:0 a.m.•18 views

RHEL 6 : openstack-heat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - openstack-heat: Template source URL allows network port scan CVE-2016-9185 Note that Nessus has not tested for this...

4.8AI score0.00527EPSS

Exploits0References1

NVD•added 2024/05/08 9:15 a.m.•30 views

CVE-2024-4436

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...

7.5CVSS8AI score0.00059EPSS

NVD•added 2024/05/08 9:15 a.m.•22 views

CVE-2024-4437

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2021-44716. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning ...

7.5CVSS7.8AI score0.00059EPSS

NVD•added 2024/05/08 9:15 a.m.•40 views

CVE-2024-4438

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...

7.5CVSS8.2AI score0.00064EPSS

UbuntuCve•added 2024/05/08 9:15 a.m.•35 views

CVE-2024-4436

7.5CVSS7.1AI score0.00264EPSS

UbuntuCve•added 2024/05/08 9:15 a.m.•22 views

CVE-2024-4438

7.5CVSS7.1AI score0.00064EPSS

UbuntuCve•added 2024/05/08 9:15 a.m.•38 views

CVE-2024-4437

7.5CVSS7AI score0.00059EPSS

Cvelist•added 2024/05/08 8:59 a.m.•42 views

CVE-2024-4438 Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform

7.5CVSS7.4AI score0.00064EPSS

Vulnrichment•added 2024/05/08 8:59 a.m.•63 views

CVE-2024-4438 Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform

7.5CVSS8.6AI score0.00064EPSS

CVE•added 2024/05/08 8:59 a.m.•174 views

CVE-2024-4438

Technical details about CVE-2024-4438 are not provided in the supplied documents. The entry only states an incomplete fix related to CVE-2023-39325/CVE-2023-44487 in etcd within Red Hat OpenStack; no affected products, versions, or fixes are specified. Monitor for updates.

7.5CVSS7.6AI score0.00064EPSS