Lucene search
+L

154 matches found

PyPA
PyPA
added 2019/03/26 6:29 p.m.7 views

PYSEC-2019-193

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowi...

7.5CVSS6.7AI score0.00878EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2019/01/15 9:16 a.m.23 views

Remote Code Execution (RCE)

python-rdomanager-oscplugin is vulnerable to remote code execution RCE attacks. The vulnerability exists as a design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on...

10CVSS9.9AI score0.04783EPSS
Exploits0References16Affected Software8
RedhatCVE
RedhatCVE
added 2018/11/13 4:20 a.m.19 views

CVE-2018-16856

In a default Red Hat Openstack Platform Director installation, openstack-octavia creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure...

7.5CVSS2.3AI score0.00878EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/09/20 11:7 a.m.143 views

Moderate: Red Hat Security Advisory: Red Hat Enterprise Linux OpenStack Platform security update

An update is now available for Red Hat OpenStack Platform 12.0 Pike. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS6.7AI score0.00597EPSS
Exploits0References3
OSV
OSV
added 2018/07/26 12:29 p.m.30 views

CVE-2017-2637

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default by director listening on 0.0.0.0 all interfaces with no-authentication or encryption. Anyone able to make a TCP connection to any comput...

10CVSS7.2AI score0.04783EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2018/07/05 12:26 p.m.4 views

Moderate: Red Hat Bug Fix Advisory: Red Hat OpenStack Platform 9 director Bug Fix Advisory

Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 9.0 director for RHEL 7. Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service IaaS cloud based on Red Hat OpenStack...

7.5CVSS7AI score0.88368EPSS
Exploits3References7
CVE
CVE
added 2018/04/26 5:0 p.m.82 views

CVE-2016-9590

CVE-2016-9590 affects puppet-swift (used by Red Hat OpenStack Platform director to install Object Storage). Root cause: during installation the Puppet script deploys the service and incorrectly removes and then recreates proxy-server.conf with world-readable permissions, enabling information disc...

6.5CVSS6.3AI score0.01152EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2017/09/21 9:29 p.m.13 views

Design/Logic Flaw

A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploi...

3.3CVSS6.2AI score0.00347EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2017/09/21 9:29 p.m.36 views

CVE-2017-7549

A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploi...

6.4CVSS6.2AI score0.00347EPSS
Exploits0References7
Cvelist
Cvelist
added 2017/09/21 8:0 p.m.36 views

CVE-2017-7549

A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploi...

6.2AI score0.00347EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2017/03/01 1:31 p.m.48 views

Moderate: Red Hat Security Advisory: openstack-puppet-modules security update

An update for openstack-puppet-modules is now available for Red Hat OpenStack Platform 9.0 Mitaka. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

6.5CVSS6.5AI score0.01152EPSS
Exploits0References2
CVE
CVE
added 2016/06/30 4:0 p.m.62 views

CVE-2016-4474

CVE-2016-4474 affects Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) overcloud-full images. The image build process uses a default root password (ROOTPW/rootpw), enabling potential remote root access via unspecified vectors. Red Hat ad...

8.8CVSS8.8AI score0.00846EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2016/06/13 9:25 p.m.31 views

Important: Red Hat Security Advisory: rhosp-director-images security and bug fix update

Updated deployment images are now available for Red Hat OpenStack Platform 7.0 Kilo director. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

8.8CVSS7.4AI score0.00846EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/06/13 7:30 p.m.36 views

Important: Red Hat Security Advisory: rhosp-director-images security and bug fix update

Updated deployment images are now available for Red Hat OpenStack Platform 8.0 Liberty director. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS7.4AI score0.00846EPSS
Exploits0References2
Rows per page
Query Builder