7799 matches found
Huawei FusionSphere OpenStack Licensing Issue Vulnerability
Huawei FusionSphere OpenStack is a suite of FusionSphere cloud operating system cloud platform software for ICT scenarios from Huawei, China. An authorization issue vulnerability exists in Huawei FusionSphere OpenStack version V100R006C00, which stems from an unreasonable privilege configuration...
Huawei FusionSphere OpenStack Signature Validation Vulnerability
Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. A signature validation vulnerability exists in Huawei...
Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-3449-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3449-1 advisory. George Shuklin discovered that OpenStack Nova incorrectly handled the migration process. A remote authenticated user could use this issue to consume...
Ubuntu 14.04 LTS : OpenStack Glance vulnerabilities (USN-3446-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3446-1 advisory. Hemanth Makkapati discovered that OpenStack Glance incorrectly handled access restrictions. A remote authenticated user could use this issue to change th...
Ubuntu 14.04 LTS : OpenStack Horizon vulnerability (USN-3447-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3447-1 advisory. Beth Lancaster and Brandon Sawyers discovered that OpenStack Horizon was incorrect protected against cross-site scripting XSS attacks. A remote authenticated user...
Ubuntu 14.04 LTS : OpenStack Swift vulnerabilities (USN-3451-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3451-1 advisory. It was discovered that OpenStack Swift incorrectly handled tempurls. A remote authenticated user in possession of a tempurl key authorized for PUT could...
Ubuntu 16.04 LTS : OpenStack Keystone vulnerability (USN-3448-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3448-1 advisory. Boris Bobrov discovered that OpenStack Keystone incorrectly handled federation mapping when there are rules in which group-based assignments are not used. A remot...
Ubuntu: Security Advisory (USN-3448-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3446-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3451-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3449-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3447-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3451-1: OpenStack Swift vulnerabilities
It was discovered that OpenStack Swift incorrectly handled tempurls. A remote authenticated user in possession of a tempurl key authorized for PUT could retrieve other objects in the same Swift account. CVE-2015-5223 Romain Le Disez and Örjan Persson discovered that OpenStack Swift incorrectly...
USN-3451-1 swift vulnerabilities
It was discovered that OpenStack Swift incorrectly handled tempurls. A remote authenticated user in possession of a tempurl key authorized for PUT could retrieve other objects in the same Swift account. CVE-2015-5223 Romain Le Disez and Örjan Persson discovered that OpenStack Swift incorrectly...
USN-3449-1: OpenStack Nova vulnerabilities
George Shuklin discovered that OpenStack Nova incorrectly handled the migration process. A remote authenticated user could use this issue to consume resources, resulting in a denial of service. CVE-2015-3241 George Shuklin and Tushar Patil discovered that OpenStack Nova incorrectly handled deleti...
USN-3449-1 nova vulnerabilities
George Shuklin discovered that OpenStack Nova incorrectly handled the migration process. A remote authenticated user could use this issue to consume resources, resulting in a denial of service. CVE-2015-3241 George Shuklin and Tushar Patil discovered that OpenStack Nova incorrectly handled deleti...
USN-3448-1: OpenStack Keystone vulnerability
Boris Bobrov discovered that OpenStack Keystone incorrectly handled federation mapping when there are rules in which group-based assignments are not used. A remote authenticated user may receive all the roles assigned to a project regardless of the federation mapping, contrary to expectations...
USN-3448-1 keystone vulnerability
Boris Bobrov discovered that OpenStack Keystone incorrectly handled federation mapping when there are rules in which group-based assignments are not used. A remote authenticated user may receive all the roles assigned to a project regardless of the federation mapping, contrary to expectations...
USN-3447-1: OpenStack Horizon vulnerability
Beth Lancaster and Brandon Sawyers discovered that OpenStack Horizon was incorrect protected against cross-site scripting XSS attacks. A remote authenticated user could use this issue to inject web script or HTML in a dashboard form...
USN-3447-1 horizon vulnerability
Beth Lancaster and Brandon Sawyers discovered that OpenStack Horizon was incorrect protected against cross-site scripting XSS attacks. A remote authenticated user could use this issue to inject web script or HTML in a dashboard form...