3 matches found
CVE-2017-16239
CVE-2017-16239 affects OpenStack Nova: when rebuilding an instance, authenticated users may bypass the Filter Scheduler (e.g., ImagePropertiesFilter, IsolatedHostsFilter), affecting all setups using the Nova Filter Scheduler across 14.x, 15.x, and 16.x branches. Root cause is a regression that al...
CVE-2017-7214
The CVE-2017-7214 issue affects OpenStack Nova, where legacy notification exception contexts in ERROR level logs may reveal sensitive data (e.g., passwords, tokens) via exception_wrapper.py. Affected series include 13.x–15.0.1; exploitation details are not provided in the documents. Red Hat advis...
CVE-2017-17051
OpenStack Nova CVE-2017-16239 affects stable/pike and later with the fix for OSSA-2017-005. By repeatedly rebuilding an instance with new images using the default FilterScheduler, an authenticated user may cause untracked resource allocations on a hypervisor, leading to denial of service (doubled...