| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-3930 |
193 |
|
DoS |
2022-02-18 |
2022-05-13 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition. |
|
2 |
CVE-2020-27827 |
400 |
|
DoS |
2021-03-18 |
2021-08-04 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. |
|
3 |
CVE-2020-14364 |
125 |
|
DoS Exec Code |
2020-08-31 |
2020-11-11 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. |
|
4 |
CVE-2020-10685 |
459 |
|
|
2020-05-11 |
2021-12-21 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble. |
|
5 |
CVE-2020-10684 |
862 |
|
|
2020-03-24 |
2021-12-20 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection. |
|
6 |
CVE-2020-1758 |
295 |
|
|
2020-05-15 |
2020-05-19 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows an attacker to perform a man-in-the-middle (MITM) attack. |
|
7 |
CVE-2020-1711 |
787 |
|
DoS Exec Code |
2020-02-11 |
2022-04-05 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host. |
|
8 |
CVE-2019-14900 |
89 |
|
Sql |
2020-07-06 |
2022-04-29 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. |
|
9 |
CVE-2019-14859 |
347 |
|
|
2020-01-02 |
2021-08-04 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false transactions. |
|
10 |
CVE-2019-14818 |
401 |
|
DoS |
2019-11-14 |
2021-11-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition. |
|
11 |
CVE-2019-14433 |
209 |
|
|
2019-08-09 |
2022-04-18 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data. |
|
12 |
CVE-2019-10193 |
787 |
|
Overflow |
2019-07-11 |
2021-10-28 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer. |
|
13 |
CVE-2019-10192 |
787 |
|
Overflow |
2019-07-11 |
2021-10-28 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer. |
|
14 |
CVE-2019-10141 |
89 |
|
DoS Sql |
2019-07-30 |
2021-08-04 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Because of how ironic-inspector uses the query results, it is unlikely that data could be obtained. However, the attacker could pass malicious data and create a denial of service. |
|
15 |
CVE-2019-9735 |
755 |
|
|
2019-03-13 |
2021-08-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group driver are affected.) |
|
16 |
CVE-2019-3830 |
532 |
|
|
2019-03-26 |
2020-10-22 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated. |
|
17 |
CVE-2018-1000127 |
190 |
|
Overflow |
2018-03-13 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later. |
|
18 |
CVE-2018-1000115 |
400 |
|
DoS |
2018-03-05 |
2021-08-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default. |
|
19 |
CVE-2018-18438 |
190 |
|
Overflow |
2018-10-19 |
2021-08-04 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. |
|
20 |
CVE-2018-17963 |
190 |
|
DoS |
2018-10-09 |
2021-08-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. |
|
21 |
CVE-2018-17206 |
125 |
|
|
2018-09-19 |
2021-08-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. |
|
22 |
CVE-2018-17205 |
617 |
|
|
2018-09-19 |
2021-08-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a group id that does not exist), OvS tries to revert back all previous flows that were successfully applied from the same bundle. This is possible since OvS maintains list of old flows that were replaced by flows from the bundle. While reinserting old flows, OvS has an assertion failure due to a check on rule state != RULE_INITIALIZED. This would work for new flows, but for an old flow the rule state is RULE_REMOVED. The assertion failure causes an OvS crash. |
|
23 |
CVE-2018-17204 |
617 |
|
|
2018-09-19 |
2021-08-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default. |
|
24 |
CVE-2018-14635 |
20 |
|
DoS Bypass |
2018-09-10 |
2021-08-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3 and 11.0.5 are vulnerable. |
|
25 |
CVE-2018-14432 |
200 |
|
Bypass +Info |
2018-07-31 |
2021-08-04 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access, leaking all projects in the deployment and their attributes. Only Keystone with the /v3/OS-FEDERATION endpoint enabled via policy.json is affected. |
|
26 |
CVE-2018-11806 |
787 |
|
Overflow |
2018-06-13 |
2021-08-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. |
|
27 |
CVE-2018-11219 |
190 |
|
Overflow |
2018-06-17 |
2021-08-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking. |
|
28 |
CVE-2018-11218 |
787 |
|
Overflow Mem. Corr. |
2018-06-17 |
2021-08-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows. |
|
29 |
CVE-2018-10875 |
426 |
|
Exec Code |
2018-07-13 |
2021-08-04 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code. |
|
30 |
CVE-2018-10874 |
20 |
|
|
2018-07-02 |
2021-08-04 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result. |
|
31 |
CVE-2018-10855 |
532 |
|
|
2018-07-03 |
2021-08-04 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible. |
|
32 |
CVE-2018-7536 |
185 |
|
|
2018-03-09 |
2021-08-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable. |
|
33 |
CVE-2018-3639 |
203 |
|
Bypass |
2018-05-22 |
2021-08-13 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. |
|
34 |
CVE-2018-1059 |
200 |
|
+Info |
2018-04-24 |
2021-08-04 |
2.9 |
None |
Local Network |
Medium |
Not required |
Partial |
None |
None |
|
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable. |
|
35 |
CVE-2017-18191 |
|
|
DoS |
2018-02-19 |
2019-10-03 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected. |
|
36 |
CVE-2017-15139 |
200 |
|
+Info |
2018-08-27 |
2021-08-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive information between tenants. |
|
37 |
CVE-2017-10664 |
|
|
DoS |
2017-08-02 |
2021-08-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. |
|
38 |
CVE-2017-9214 |
191 |
|
|
2017-05-23 |
2021-08-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`. |
|
39 |
CVE-2017-8379 |
772 |
|
DoS |
2017-05-23 |
2021-08-04 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events. |
|
40 |
CVE-2017-8309 |
772 |
|
DoS |
2017-05-23 |
2021-08-04 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture. |
|
41 |
CVE-2017-7980 |
119 |
|
DoS Exec Code Overflow |
2017-07-25 |
2021-08-04 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation. |
|
42 |
CVE-2017-7543 |
362 |
|
|
2018-07-26 |
2021-08-04 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources. |
|
43 |
CVE-2017-7539 |
20 |
|
DoS |
2018-07-26 |
2021-08-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service. |
|
44 |
CVE-2017-7481 |
20 |
|
Exec Code |
2018-07-19 |
2021-08-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated. |
|
45 |
CVE-2017-7466 |
20 |
|
Exec Code |
2018-06-22 |
2021-08-04 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
|
Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges. |
|
46 |
CVE-2017-5973 |
835 |
|
DoS |
2017-03-27 |
2021-08-04 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence. |
|
47 |
CVE-2017-2673 |
863 |
|
|
2018-07-19 |
2021-08-04 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authenticated federated user could request permissions to a project and unintentionally be granted all related roles including administrative roles. |
|
48 |
CVE-2017-2637 |
306 |
|
|
2018-07-26 |
2021-08-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. |
|
49 |
CVE-2017-2627 |
22 |
|
Dir. Trav. |
2018-08-22 |
2021-08-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistral user that have wildcards that allow directory traversal with '..' and it grants full passwordless root access to the validations user. |
|
50 |
CVE-2017-2622 |
200 |
|
+Info |
2018-07-27 |
2021-08-04 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information. |
