Openstack Platform@17.0 Security Vulnerabilities and Issues — Openstack Platform@17.0 CVE List

Lucene search

RedhatOpenstack Platform17.0

5 matches found

CVE•added 2023/04/10 10:15 p.m.•138 views

CVE-2023-1668

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildca...

8.2CVSS7.7AI score0.00076EPSS

CVE•added 2023/09/24 1:15 a.m.•73 views

CVE-2023-1625

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.

7.4CVSS5.8AI score0.00101EPSS

CVE•added 2023/09/24 1:15 a.m.•65 views

CVE-2023-1636

A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromi...

6CVSS5.4AI score0.00074EPSS

CVE•added 2023/09/24 1:15 a.m.•64 views

CVE-2023-1633

A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials.

6.6CVSS5.4AI score0.00024EPSS

CVE•added 2024/08/02 9:16 p.m.•40 views

CVE-2024-7319

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied.

5CVSS7.5AI score0.00133EPSS