Vulnerabilities (CVE)

Filtered by vendor Openstack Subscribe
Total 252 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45582 1 Openstack 1 Horizon 2023-12-01 N/A 6.1 MEDIUM
Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.
CVE-2023-1633 2 Openstack, Redhat 2 Barbican, Openstack Platform 2023-11-07 N/A 5.5 MEDIUM
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials.
CVE-2023-1625 2 Openstack, Redhat 2 Heat, Openstack Platform 2023-11-07 N/A 5.0 MEDIUM
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.
CVE-2023-1636 2 Openstack, Redhat 2 Barbican, Openstack Platform 2023-11-07 N/A 5.0 MEDIUM
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.
CVE-2022-47950 2 Debian, Openstack 2 Debian Linux, Swift 2023-11-07 N/A 6.5 MEDIUM
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).
CVE-2022-3101 2 Openstack, Redhat 3 Tripleo Ansible, Openstack, Openstack For Ibm Power 2023-11-07 N/A 5.5 MEDIUM
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.
CVE-2022-3146 2 Openstack, Redhat 3 Tripleo Ansible, Openstack, Openstack For Ibm Power 2023-11-07 N/A 5.5 MEDIUM
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment.
CVE-2020-12691 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2023-11-07 6.5 MEDIUM 8.8 HIGH
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
CVE-2020-12690 1 Openstack 1 Keystone 2023-11-07 6.5 MEDIUM 8.8 HIGH
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.
CVE-2020-12689 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2023-11-07 6.5 MEDIUM 8.8 HIGH
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
CVE-2018-20170 1 Openstack 1 Keystone 2023-11-07 5.0 MEDIUM 5.3 MEDIUM
OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST /v3/auth/tokens request. NOTE: the vendor's position is that this is a hardening opportunity, and not necessarily an issue that should have an OpenStack Security Advisory
CVE-2016-6519 2 Openstack, Redhat 2 Manila, Openstack 2023-11-07 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form.
CVE-2016-7498 1 Openstack 1 Compute \(nova\) 2023-11-07 6.8 MEDIUM 6.5 MEDIUM
OpenStack Compute (nova) 13.0.0 does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state. NOTE: this vulnerability exists because of a CVE-2015-3280 regression.
CVE-2015-5286 1 Openstack 1 Image Registry And Delivery Service \(glance\) 2023-11-07 6.8 MEDIUM N/A
OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during the process. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9623.
CVE-2014-3632 1 Openstack 1 Neutron 2023-11-07 7.6 HIGH N/A
The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6, allows remote attackers to gain privileges via a crafted configuration file. NOTE: this vulnerability exists because of a CVE-2013-6433 regression.
CVE-2014-3608 1 Openstack 1 Nova 2023-11-07 2.7 LOW N/A
The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573.
CVE-2013-4278 1 Openstack 1 Compute 2023-11-07 3.5 LOW N/A
The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for CVE-2013-2256.
CVE-2013-4463 1 Openstack 3 Folsom, Grizzly, Havana 2023-11-07 2.1 LOW N/A
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
CVE-2013-4469 1 Openstack 3 Folsom, Grizzly, Havana 2023-11-07 1.9 LOW N/A
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
CVE-2013-4179 1 Openstack 2 Compute, Havana 2023-11-07 4.3 MEDIUM N/A
The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.