13 matches found
EUVD-2019-0097
Malware in sbrugna...
RHSA-2019:1728 Red Hat Security Advisory: python-novajoin security and bug fix update
Bulletin has no description...
RHEL 7 : python-novajoin (RHSA-2019:1728)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1728 advisory. This Python package provides a dynamic vendordata plugin for the OpenStack nova metadata service to manage host instantiation in an IPA server...
GHSA-XF8C-3CGX-FCWM Improper Access Control in novajoin
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
Improper Access Control in novajoin
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
CVE-2019-10138
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
CVE-2019-10138
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
Design/Logic Flaw
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
PYSEC-2019-192
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
CVE-2019-10138
The CVE-2019-10138 issue affects the python-novajoin plugin used by Red Hat OpenStack Platform (all versions up to 1.1.1). The root cause is insufficient access control in the novajoin API, enabling any keystone-authenticated user to generate FreeIPA tokens. This leads to unauthorized token gener...
python-novajoin Access Control Error Vulnerability
python-novajoin is a Python package that provides a dynamic vendordata plugin for the OpenStack nova metadata service, which is primarily used to manage host instantiation in IPA servers. An access control error vulnerability exists in python-novajoin. The vulnerability stems from a network syste...
CVE-2019-10138
A flaw was discovered in the python-novajoin plugin for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...
python-novajoin: novajoin API lacks access control
A flaw was discovered in the python-novajoin plugin for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens...