Latest Openstack Vulnerabilities

CVE-2024-1141
Glance-store: glance store access key logged in debug log level
pip/glance-store<=4.6.1
Openstack Glance-store<4.7.0
ubuntu/python-glance-store<2.0.0-0ubuntu4.3
ubuntu/python-glance-store<3.0.0-0ubuntu1.4
ubuntu/python-glance-store<4.6.1-0ubuntu1.1
debian/python-glance-store<=0.26.1-4<=2.3.0-4<=4.1.0-4<=4.7.0-3
CVE-2022-45582
Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.
OpenStack Horizon>=19.4.0<=20.1.4
pip/horizon<19.4.0
CVE-2023-1636
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, US...
OpenStack Barbican
Redhat Openstack Platform=16.1
Redhat Openstack Platform=16.2
Redhat Openstack Platform=17.0
CVE-2023-1633
A barbican configuration file is set to world-readable in Red Hat OpenStack. This presents a security risk as it allows authenticated attacker with limited access to the file to view its contents, inc...
OpenStack Barbican
Redhat Openstack Platform=16.1
Redhat Openstack Platform=16.2
Redhat Openstack Platform=17.0
pip/barbican<=16.0.0
CVE-2023-1625
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. ...
openstack heat
Redhat Openstack Platform=13.0
Redhat Openstack Platform=16.1
Redhat Openstack Platform=16.2
Redhat Openstack Platform=17.0
pip/openstack-heat<20.0.0
and 4 more
CVE-2022-3146
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force...
Openstack Tripleo Ansible
Redhat Openstack=16.1
Redhat Openstack=16.2
Redhat Openstack For Ibm Power=16.1
Redhat Openstack For Ibm Power=16.2
CVE-2022-47951
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0....
OpenStack Cinder<=19.1.2
OpenStack Cinder>=20.0.0<20.0.2
OpenStack Glance<23.0.1
OpenStack Glance>=24.0.0<24.1.1
OpenStack Nova<24.1.2
OpenStack Nova>=25.0.0<25.0.2
and 5 more
CVE-2022-3100
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
OpenStack Barbican
Redhat Openstack=13
Redhat Openstack=16.1
Redhat Openstack=16.2
Redhat Openstack=17
Redhat Openstack For Ibm Power=13
and 4 more
CVE-2022-47950
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file co...
OpenStack Swift<2.28.1
OpenStack Swift>=2.29.0<2.29.2
OpenStack Swift=2.30.0
Debian Debian Linux=10.0
pip/swift=2.30.0
pip/swift>=2.29.0<2.29.2
and 1 more
CVE-2022-38060
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges.
OpenStack Kolla
CVE-2022-4134
<a href="https://wiki.openstack.org/wiki/OSSN/OSSN-0090">https://wiki.openstack.org/wiki/OSSN/OSSN-0090</a>
OpenStack Glance
Redhat Openstack=13
Redhat Openstack=16.1
Redhat Openstack=16.2
Redhat Openstack=17
CVE-2022-3277
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates res...
OpenStack Neutron<18.6.0
OpenStack Neutron>=19.0.0<19.5.0
Redhat Openstack Platform=13.0
Redhat Openstack Platform=16.1
Redhat Openstack Platform=16.2
pip/neutron>=20.0.0.0rc1<20.3.0
and 2 more
CVE-2022-37394
An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and ...
OpenStack Nova<23.2.2
OpenStack Nova>=24.0.0<24.1.2
OpenStack Nova>=25.0.0<25.0.2
pip/nova>=25.0.0<25.0.2
pip/nova>=24.0.0<24.1.2
pip/nova<23.2.2
CVE-2022-2447
Description of problem: Keystone issues tokens with the default lifespan regardless of the lifespan of the application credentials used to issue them. If the configured lifespan of an identity token i...
OpenStack Keystone
Redhat Openstack=16.1
Redhat Openstack=16.2
Redhat Openstack Platform=16.1
Redhat Openstack Platform=16.2
Redhat Quay=3.0.0
and 1 more
CVE-2022-0718
A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) in them cause incorrect masking in debug logs, causing any part of the password after the double quo...
Openstack Oslo.utils<4.10.1
Openstack Oslo.utils=4.12.0
Redhat Openshift Container Platform=4.0
Redhat Openstack Platform=16.1
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 4 more
CVE-2021-4180
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri pa...
Openstack Tripleo Heat Templates<11.6.1
Redhat Openstack=13
Redhat Openstack=16.1
Redhat Openstack=16.2
redhat/openstack-tripleo-heat-templates<11.6.1
CVE-2022-23452
An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protec...
OpenStack Barbican<14.0.0
Redhat Openstack Platform=16.1
pip/barbican<14.0.0
<14.0.0
=16.1
CVE-2022-23451
An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless...
OpenStack Barbican<14.0.0
Redhat Openstack Platform=13.0
Redhat Openstack Platform=16.1
Redhat Openstack Platform=16.2
CVE-2021-40797
An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authentica...
OpenStack Neutron<16.4.1
OpenStack Neutron>=17.0.0<17.2.1
OpenStack Neutron>=18.0.0<18.1.1
pip/neutron>=18.0.0<18.1.1
pip/neutron>=17.0.0<17.2.1
pip/neutron<16.4.1
and 3 more
CVE-2021-40085
An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
debian/neutron
debian/neutron<=2:17.1.1-6<=2:18.1.0-2
OpenStack Neutron<16.4.1
OpenStack Neutron>=17.0.0<17.2.1
OpenStack Neutron>=18.0.0<18.1.1
Debian Debian Linux=9.0
and 11 more
CVE-2021-38598
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending ca...
OpenStack Neutron<16.4.1
OpenStack Neutron>=17.0.0<17.1.3
OpenStack Neutron=18.0.0
pip/neutron=18.0.0
pip/neutron>=17.0.0<17.1.3
pip/neutron<16.4.1
CVE-2021-38155
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). B...
OpenStack Keystone>=10.0.0<16.0.2
OpenStack Keystone>=17.0.0<17.0.1
OpenStack Keystone>=18.0.0<18.0.1
OpenStack Keystone>=19.0.0<19.0.1
pip/keystone>=19.0<19.0.1
pip/keystone>=18.0<18.0.1
and 2 more
CVE-2021-3585
Plain password from RHSM in the logs during OSP13 deployment with subscription-manager. overcloud_install.log contains a plaintext password after overcloud creation. See <a class="bz_bug_link ...
Openstack Tripleo Heat Templates<8.4.1
CVE-2017-8761
In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures to anyone with read access to these logs...
OpenStack Swift<=2.10.1
OpenStack Swift>=2.11.0<=2.13.0
OpenStack Swift=2.14.0
CVE-2021-3563
A flaw was found in openstack-keystone, only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. T...
OpenStack Keystone
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Redhat Openstack Platform=10.0
Redhat Openstack Platform=13.0
Redhat Openstack Platform=16.1
and 3 more
CVE-2021-3654
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
OpenStack Nova<21.2.3
OpenStack Nova>=22.0.0<22.2.3
OpenStack Nova>=23.0.0<23.0.3
Redhat Openstack Platform=16.1
Redhat Openstack Platform=16.2
redhat/nova<21.2.3
and 2 more
CVE-2021-20267
A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonat...
OpenStack Neutron<16.3.3
OpenStack Neutron>=17.0.0<17.1.3
OpenStack Neutron=18.0.0
Redhat Openstack Platform=10.0
Redhat Openstack Platform=13.0
Redhat Openstack Platform=16.1
and 14 more
CVE-2020-29565
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allo...
OpenStack Horizon>=15.3.0<15.3.2
OpenStack Horizon>=16.0.0<16.2.1
OpenStack Horizon>=17.0.0<18.3.3
OpenStack Horizon>=18.4.0<=18.5.0
Debian Debian Linux=10.0
debian/horizon
and 4 more
CVE-2020-26943
An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0. A user allowed to access the Blazar dashboard in Horizon may trigger code execution on the Horizon host as the use...
OpenStack blazar-dashboard<1.3.1
OpenStack blazar-dashboard=2.0.0
OpenStack blazar-dashboard=3.0.0
CVE-2020-17376
An issue was discovered in Guest.migrate in `virt/libvirt/guest.py` in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously unde...
OpenStack Nova<19.3.1
OpenStack Nova>=20.0.0<20.3.1
OpenStack Nova=21.0.0
pip/nova=21.0.0
pip/nova>=20.0.0<20.3.1
pip/nova<19.3.1
CVE-2020-12691
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then p...
OpenStack Keystone<15.0.1
OpenStack Keystone=16.0.0
Canonical Ubuntu Linux=18.04
ubuntu/keystone<2:13.0.4-0ubuntu1
ubuntu/keystone<13.0.4<15.0.1<16.0.0
debian/keystone
and 2 more
CVE-2020-12689
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalat...
OpenStack Keystone<15.0.1
OpenStack Keystone=16.0.0
Canonical Ubuntu Linux=18.04
pip/keystone=16.0.0
pip/keystone<15.0.1
ubuntu/keystone<2:13.0.4-0ubuntu1
and 2 more
CVE-2020-12692
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then u...
OpenStack Keystone<15.0.1
OpenStack Keystone=16.0.0
Canonical Ubuntu Linux=18.04
ubuntu/keystone<2:13.0.4-0ubuntu1
ubuntu/keystone<13.0.4<15.0.1<16.0.0
debian/keystone
CVE-2020-12690
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keys...
OpenStack Keystone<15.0.1
OpenStack Keystone=16.0.0
ubuntu/keystone<2:13.0.4-0ubuntu1
ubuntu/keystone<13.0.4<15.0.1<16.0.0
debian/keystone
CVE-2020-9543
OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attacke...
OpenStack Manila<7.4.1
OpenStack Manila>=8.0.0<8.1.1
OpenStack Manila>=9.0.0<9.1.1
pip/manila>=9.0.0<9.1.1
pip/manila>=8.0.0<8.1.1
pip/manila<7.4.1
and 3 more
CVE-2015-9543
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs m...
OpenStack Nova<18.2.4
OpenStack Nova>=19.0.0<19.1.0
OpenStack Nova>=20.0.0<20.1.0
pip/Nova>=20.0.0<20.1.0
pip/Nova>=19.0.0<19.1.0
pip/Nova<18.2.4
CVE-2012-5476
Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.
OpenStack Horizon=2012.2
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
debian/horizon
CVE-2012-5474
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret k...
Redhat Openstack=2.0
OpenStack Horizon>=2012.1<2012.1.1
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=18
and 1 more
CVE-2013-2166
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass.
Openstack Python-keystoneclient>=0.2.3<=0.2.5
Redhat Openstack=3.0
Fedoraproject Fedora=19
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 1 more
CVE-2013-2167
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass
pip/python-keystoneclient>=0.2.3<=0.2.5
Openstack Python-keystoneclient>=0.2.3<=0.2.5
Redhat Openstack=3.0
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 1 more
CVE-2019-19687
A vulnerability was found in Keystone's list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a r...
pip/keystone=16.0.0
pip/keystone=15.0.0
OpenStack Keystone=15.0.0
OpenStack Keystone=16.0.0
redhat/keystone 16.0.0<5
redhat/keystone 15.0.0<18
and 2 more
CVE-2013-0326
OpenStack nova base images permissions are world readable
OpenStack Nova
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
debian/nova<=2:18.1.0-6<=2:18.1.0-6+deb10u2<=2:22.0.1-2+deb11u1<=2:26.1.0-4<=2:28.0.0-2
CVE-2012-1572
OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space
debian/keystone
OpenStack Keystone
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
CVE-2013-2255
HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.
OpenStack Compute=2013.1
OpenStack Keystone=2013
Redhat Openstack=3.0
Redhat Openstack=4.0
Debian Debian Linux=8.0
Debian Debian Linux=9.0
and 7 more
CVE-2019-15753
In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet flooding of non-local destinations, which both ...
OpenStack os-vif>=1.15.0<1.15.2
OpenStack os-vif=1.16.0
pip/os-vif=1.16.0
pip/os-vif>=1.15.0<1.15.2
CVE-2019-14433
A vulnerability was found in Nova Compute resource fault handling. If an API request from an authenticateduser ends in a fault condition due to an external exception, details of the underlying environ...
OpenStack Nova<17.0.12
OpenStack Nova>=18.0.0<18.2.2
OpenStack Nova>=19.0.0<19.0.2
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.04
and 11 more
CVE-2016-7404
OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access...
OpenStack Magnum
CVE-2019-10141
A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache....
Openstack Ironic-inspector<5.0.2
Openstack Ironic-inspector>=5.1.0<6.0.3
Openstack Ironic-inspector>=6.1.0<7.2.4
Openstack Ironic-inspector>=8.0.0<8.0.3
Openstack Ironic-inspector>=8.1.0<8.2.1
Redhat Openstack=10
and 16 more
CVE-2011-3147
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.
OpenStack Nova>=2010.1<2012.1
pip/nova<12.0.0a0
CVE-2019-10876
An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated use...
OpenStack Neutron>=11.0.0<11.0.7
OpenStack Neutron>=12.0.0<12.0.6
OpenStack Neutron>=13.0.0<13.0.3
Redhat Openstack=13
Redhat Openstack=14
redhat/neutron<11.0.7
and 5 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203