7816 matches found
PYSEC-2021-360
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
PYSEC-2021-360
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
UBUNTU-CVE-2021-38598
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
CVE-2021-38598
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
CVE-2021-38598
CVE-2021-38598 affects OpenStack Neutron: OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allow hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. An attacker controlling a server instance connected to the virtual sw...
CVE-2021-38598
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
PT-2021-22236 · Openstack +3 · Openstack Neutron +3
Name of the Vulnerable Software and Affected Versions: OpenStack Neutron versions prior to 16.4.1 OpenStack Neutron 17.x versions prior to 17.1.3 OpenStack Neutron version 18.0.0 Description: The issue allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on ...
OESA-2021-1317 ceph security update
Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. Security Fixes: A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is relat...
SUSE: Security Advisory (SUSE-SU-2021:2797-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:2771-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Information Disclosure
OpenStack Keystone allows information disclosure during account locking related to PCI DSS features. By guessing the name of an account and failing to authenticate multiple times, any unauthenticated actor could both confirm the account exists and obtain that account's corresponding UUID, which...
OpenStack Neutron 安全漏洞
OpenStack is a cloud platform management program of the National Aeronautics and Space Administration NASA in the U.S. Neutron is one of the networking components that provides Network-as-a-Service NaaS, which enables the creation of networks between OpenStack services, access to network devices...
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2021-2289)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : cups (EulerOS-SA-2021-2264)
According to the version of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE...
CVE-2021-38155
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking related to PCI DSS features. By guessing the name of an account and failing to authenticate multiple times, any unauthenticated...
DEBIAN-CVE-2021-38155
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking related to PCI DSS features. By guessing the name of an account and failing to authenticate multiple times, any unauthenticated...
CVE-2021-38155
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking related to PCI DSS features. By guessing the name of an account and failing to authenticate multiple times, any unauthenticated...
Information disclosure
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking related to PCI DSS features. By guessing the name of an account and failing to authenticate multiple times, any unauthenticated...
CVE-2021-38155
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking related to PCI DSS features. By guessing the name of an account and failing to authenticate multiple times, any unauthenticated...
OpenStack 安全漏洞
OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace. A security vulnerability exists in OpenStack Keystone that stems from the product's failure to restrict users from certain malicious requests. An...