Openstack Vulnérabilités

Chronologie

Taper

Cloud Software	187

Produit

OpenStack Compute	26
OpenStack Keystone	23
OpenStack Horizon	13
OpenStack Neutron	13
OpenStack Swift	9

Contre-mesures

Official Fix	132
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	55

Exploitabilité

High	0
Functional	0
Proof-of-Concept	1
Unproven	3
Not Defined	183

Vecteur d'accès

Not Defined	0
Physical	0
Local	21
Adjacent	15
Network	151

Authentification

Not Defined	0
High	0
Low	104
None	83

Interaction de l'utilisateur

Not Defined	0
Required	17
None	170

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	24
≤5	54
≤6	47
≤7	34
≤8	19
≤9	7
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	3
≤4	23
≤5	53
≤6	62
≤7	24
≤8	18
≤9	3
≤10	1

VulDB

≤1	0
≤2	0
≤3	2
≤4	28
≤5	51
≤6	48
≤7	32
≤8	22
≤9	3
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	2
≤5	5
≤6	9
≤7	6
≤8	8
≤9	3
≤10	8

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	2
≤7	0
≤8	0
≤9	1
≤10	0

Fournisseur

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 jour

<1k	53
<2k	61
<5k	73
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	183
<2k	3
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (57): Barbican (2), Ceilometer (1), Cinder (3), Compute (26), Compute (Nova) (1), Dashboard (3), Delivery Service (1), Designate (1), Diablo (1), Essex (1), Folsom (8), Glance (5), Grizzly (8), Havana (5), Heat (4), Horizon (13), Identity (2), Image Registry (1), Image Registry And Delivery Service (7), Image Registry And Delivery Service (glance) (1), Image Service (3), Ironic (2), Ironic Inspector (1), Keystone (23), Keystone Folsom (1), Manila (2), Murano (2), Neutron (13), Newton (1), Nova (6), Nova-LXD (1), Object Storage (3), Ocata (1), OpenStack Keystone (1), Orchestration (1), Puppet Module for Gerrit (1), PyCADF (1), Storlets yoga-eom (1), Sushy-Tools (1), Swauth (1), Swift (9), Swift-on-File (1), Trove (2), Undercloud (1), VirtualBMC (1), Workflow (1), blazar-dashboard (1), devstack (1), horizon (2), icehouse (1), keystonemiddleware (2), magnum yoga-eom (1), neutron (1), os-vif (1), python-keystoneclient (3), rabbitmq (1), swift (1)

Link to Vendor Website: https://www.openstack.org/

Publié	Base	Temp	Vulnérabilité	Prod	Exp	Con	EPSS	CTI	CVE
22/04/2024	6.3	6.3	OpenStack Storlets yoga-eom gateway.py buffer overflow	Cloud Software	Not Defined	Not Defined	0.00043	0.05	CVE-2024-28717
12/04/2024	6.3	6.3	OpenStack magnum yoga-eom cert_manager.py buffer overflow	Cloud Software	Not Defined	Not Defined	0.00045	0.04	CVE-2024-28718
18/03/2024	2.6	2.5	OpenStack Murano YAQL divulgation de l'information	Cloud Software	Not Defined	Official Fix	0.00045	0.04	CVE-2024-29156
21/09/2023	7.1	7.1	OpenStack Undercloud divulgation de l'information	Cloud Software	Not Defined	Not Defined	0.00236	0.00	CVE-2022-3596
23/08/2023	4.5	4.5	OpenStack Horizon Web Dashboard Redirect	Cloud Software	Not Defined	Official Fix	0.00052	0.06	CVE-2022-45582
22/04/2023	3.5	3.5	OpenStack Barbican Configuration File divulgation de l'information	Cloud Software	Not Defined	Not Defined	0.00042	0.02	CVE-2023-1633
22/04/2023	5.5	5.5	OpenStack Barbican Container Isolation elévation de privilèges	Cloud Software	Not Defined	Not Defined	0.00045	0.06	CVE-2023-1636
18/01/2023	5.4	5.3	OpenStack Swift XML File divulgation de l'information	Cloud Software	Not Defined	Official Fix	0.00080	0.02	CVE-2022-47950
31/10/2022	5.0	5.0	OpenStack Sushy-Tools/VirtualBMC Boot Configuration elévation de privilèges	Cloud Software	Not Defined	Not Defined	0.00048	0.00	CVE-2022-44020
26/08/2022	7.3	7.3	OpenStack Keystone Application Secret buffer overflow	Cloud Software	Not Defined	Not Defined	0.00445	0.00	CVE-2021-3563
03/08/2022	3.4	3.4	OpenStack Nova Neutron Port dénie de service	Cloud Software	Not Defined	Official Fix	0.00047	0.00	CVE-2022-37394
03/03/2022	4.9	4.7	OpenStack Nova noVNC Redirect	Cloud Software	Not Defined	Official Fix	0.92596	0.04	CVE-2021-3654
09/09/2021	4.3	4.1	OpenStack Neutron API Worker dénie de service	Cloud Software	Not Defined	Official Fix	0.00118	0.00	CVE-2021-40797
01/09/2021	5.5	5.3	OpenStack Neutron dnsmasq Privilege Escalation	Cloud Software	Not Defined	Official Fix	0.00112	0.00	CVE-2021-40085
23/08/2021	6.3	6.0	OpenStack Neutron Linuxbridge Driver elévation de privilèges	Cloud Software	Not Defined	Official Fix	0.00084	0.00	CVE-2021-38598
07/08/2021	3.1	3.0	OpenStack Keystone Account Lockout divulgation de l'information	Cloud Software	Not Defined	Official Fix	0.00171	0.03	CVE-2021-38155
02/06/2021	3.5	3.5	OpenStack Swift Proxy-Server Log divulgation de l'information	Cloud Software	Not Defined	Not Defined	0.00054	0.00	CVE-2017-8761
16/10/2020	7.7	7.4	OpenStack blazar-dashboard elévation de privilèges	Cloud Software	Not Defined	Official Fix	0.00233	0.03	CVE-2020-26943
07/05/2020	7.5	7.2	OpenStack OpenStack Keystone EC2 Credential Masquerade chiffrement faible	Cloud Software	Not Defined	Official Fix	0.00765	0.00	CVE-2020-12691
12/03/2020	8.2	7.8	OpenStack Manila elévation de privilèges	Cloud Software	Not Defined	Official Fix	0.00167	0.04	CVE-2020-9543
22/11/2019	6.4	6.4	OpenStack Designate DNS Protocol dénie de service	Cloud Software	Not Defined	Not Defined	0.00527	0.02	CVE-2015-5694
28/08/2019	8.2	7.8	OpenStack os-vif linuxbridge impl_pyroute2.py PyRoute2.add dénie de service	Cloud Software	Not Defined	Official Fix	0.00267	0.00	CVE-2019-15753
10/09/2018	7.3	7.3	OpenStack rabbitmq elévation de privilèges	Cloud Software	Not Defined	Not Defined	0.00317	0.03	CVE-2018-14620
27/07/2018	4.9	4.9	OpenStack Workflow Service Log Directory divulgation de l'information	Cloud Software	Not Defined	Not Defined	0.00044	0.00	CVE-2017-2622
27/07/2018	4.9	4.9	OpenStack Orchestration Access divulgation de l'information	Cloud Software	Not Defined	Official Fix	0.00057	0.03	CVE-2017-2621

162 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 162 results.

◂ PrécédentAperçuSuivant ▸

Do you need the next level of professionalism?

Upgrade your account now!