7799 matches found
Design/Logic Flaw
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...
CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...
DEBIAN-CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...
CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...
CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...
CVE-2017-16239
CVE-2017-16239 affects OpenStack Nova: when rebuilding an instance, authenticated users may bypass the Filter Scheduler (e.g., ImagePropertiesFilter, IsolatedHostsFilter), affecting all setups using the Nova Filter Scheduler across 14.x, 15.x, and 16.x branches. Root cause is a regression that al...
CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...
CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...
UBUNTU-CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...
Huawei FusionSphere OpenStack Information Disclosure Vulnerability (CNVD-2017-34417)
Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. Huawei FusionSphere OpenStack suffers from an...
Security Advisory - Information Leak Vulnerability in Huawei FusionSphere OpenStack
Huawei FusionSphere OpenStack has an information leak vulnerability due to the use of a low version transmission protocol by default. An attacker could intercept packets transferred by a target device. Successful exploit could cause an information leak. Vulnerability ID: HWPSIRT-2017-07112 This...
python-django: Open redirect and possible XSS attack via user-supplied numeric redirect URLs
A redirect flaw, where the issafeurl function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard...
Moderate: Red Hat Security Advisory: python-django security update
An update for python-django is now available for Red Hat OpenStack Platform 11.0 Ocata. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Huawei FusionSphere Openstack Information Disclosure Vulnerability (CNVD-2017-33879)
Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. Huawei FusionSphere Openstack suffers from an...
Security Advisory - Information Leak Vulnerability in Huawei FusionSphere Openstack
There is an information leak vulnerability in Huawei FusionSphere Openstack. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing the internal network may obtain sensitive information transmitted. Vulnerability ID:...
Security Advisory - Improper Authorization Vulnerability in Huawei FusionSphere OpenStack
There is an improper authorization vulnerability in Huawei FusionSphere OpenStack products. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation. Vulnerability ID:...
Huawei FusionSphere OpenStack Path Checksum Vulnerability
Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. A path checking vulnerability exists in Huawei...
Huawei FusionSphere OpenStack Elevation of Privilege Vulnerability
Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. An elevation of privilege vulnerability exists in Huaw...
Huawei FusionSphere OpenStack Command Injection Vulnerability (CNVD-2017-30901)
Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. Huawei FusionSphere OpenStack suffers from a command...
Huawei FusionSphere OpenStack Weak Algorithm Vulnerability
Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. A weak algorithm vulnerability exists in Huawei...