Openstack@12 Security Vulnerabilities and Issues — Openstack@12 CVE List

Lucene search

RedhatOpenstack12

7 matches found

CVE•added 2018/01/18 2:29 a.m.•313 views

CVE-2018-2562

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocol...

7.5CVSS6.7AI score0.00399EPSS

CVE•added 2018/04/19 2:29 a.m.•260 views

CVE-2018-2755

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure wher...

7.7CVSS6.6AI score0.00159EPSS

CVE•added 2018/07/13 10:29 p.m.•250 views

CVE-2018-10875

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00062EPSS

CVE•added 2018/07/02 1:29 p.m.•159 views

CVE-2018-10874

In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.

7.8CVSS7.8AI score0.00061EPSS

CVE•added 2018/03/05 2:29 p.m.•144 views

CVE-2018-1000115

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable source...

7.5CVSS7.4AI score0.79854EPSS

Web

CVE•added 2018/02/19 5:29 p.m.•89 views

CVE-2017-18191

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error al...

7.8CVSS7.3AI score0.01541EPSS

CVE•added 2019/03/26 6:29 p.m.•69 views

CVE-2018-16856

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing...

7.5CVSS7.3AI score0.00267EPSS