Openstack Уязвимости

Временная шкала

Тип

Cloud Software	187

Продукт

OpenStack Compute	26
OpenStack Keystone	23
OpenStack Horizon	13
OpenStack Neutron	13
OpenStack Swift	9

Устранение последствий

Official Fix	132
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	55

Эксплуатационная пригодность

High	0
Functional	0
Proof-of-Concept	1
Unproven	3
Not Defined	183

Вектор доступа

Not Defined	0
Physical	0
Local	21
Adjacent	15
Network	151

Аутентификация

Not Defined	0
High	0
Low	104
None	83

Взаимодействие с пользователем

Not Defined	0
Required	17
None	170

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	24
≤5	54
≤6	47
≤7	34
≤8	19
≤9	7
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	3
≤4	23
≤5	53
≤6	62
≤7	24
≤8	18
≤9	3
≤10	1

VulDB

≤1	0
≤2	0
≤3	2
≤4	28
≤5	51
≤6	48
≤7	32
≤8	22
≤9	3
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	2
≤5	5
≤6	9
≤7	6
≤8	8
≤9	3
≤10	8

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	2
≤7	0
≤8	0
≤9	1
≤10	0

Поставщик

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Эксплойт 0-дня

<1k	53
<2k	61
<5k	73
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Эксплойт сегодня

<1k	183
<2k	3
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Объем рынка эксплойтов

🔴 CTI Деятельность

Affected Products (57): Barbican (2), Ceilometer (1), Cinder (3), Compute (26), Compute (Nova) (1), Dashboard (3), Delivery Service (1), Designate (1), Diablo (1), Essex (1), Folsom (8), Glance (5), Grizzly (8), Havana (5), Heat (4), Horizon (13), Identity (2), Image Registry (1), Image Registry And Delivery Service (7), Image Registry And Delivery Service (glance) (1), Image Service (3), Ironic (2), Ironic Inspector (1), Keystone (23), Keystone Folsom (1), Manila (2), Murano (2), Neutron (13), Newton (1), Nova (6), Nova-LXD (1), Object Storage (3), Ocata (1), OpenStack Keystone (1), Orchestration (1), Puppet Module for Gerrit (1), PyCADF (1), Storlets yoga-eom (1), Sushy-Tools (1), Swauth (1), Swift (9), Swift-on-File (1), Trove (2), Undercloud (1), VirtualBMC (1), Workflow (1), blazar-dashboard (1), devstack (1), horizon (2), icehouse (1), keystonemiddleware (2), magnum yoga-eom (1), neutron (1), os-vif (1), python-keystoneclient (3), rabbitmq (1), swift (1)

Link to Vendor Website: https://www.openstack.org/

Опубликовано	Base	Temp	Уязвимости	Prod	Э�	Rem	EPSS	CTI	CVE
22.04.2024	6.3	6.3	OpenStack Storlets yoga-eom gateway.py повреждение памяти	Cloud Software	Not Defined	Not Defined	0.00043	0.05	CVE-2024-28717
12.04.2024	6.3	6.3	OpenStack magnum yoga-eom cert_manager.py повреждение памяти	Cloud Software	Not Defined	Not Defined	0.00045	0.04	CVE-2024-28718
18.03.2024	2.6	2.5	OpenStack Murano YAQL раскрытие информации	Cloud Software	Not Defined	Official Fix	0.00045	0.04	CVE-2024-29156
21.09.2023	7.1	7.1	OpenStack Undercloud раскрытие информации	Cloud Software	Not Defined	Not Defined	0.00236	0.00	CVE-2022-3596
23.08.2023	4.5	4.5	OpenStack Horizon Web Dashboard Redirect	Cloud Software	Not Defined	Official Fix	0.00052	0.06	CVE-2022-45582
22.04.2023	3.5	3.5	OpenStack Barbican Configuration File раскрытие информации	Cloud Software	Not Defined	Not Defined	0.00042	0.02	CVE-2023-1633
22.04.2023	5.5	5.5	OpenStack Barbican Container Isolation эскалация привилегий	Cloud Software	Not Defined	Not Defined	0.00045	0.06	CVE-2023-1636
18.01.2023	5.4	5.3	OpenStack Swift XML File раскрытие информации	Cloud Software	Not Defined	Official Fix	0.00080	0.02	CVE-2022-47950
31.10.2022	5.0	5.0	OpenStack Sushy-Tools/VirtualBMC Boot Configuration эскалация привилегий	Cloud Software	Not Defined	Not Defined	0.00048	0.00	CVE-2022-44020
26.08.2022	7.3	7.3	OpenStack Keystone Application Secret повреждение памяти	Cloud Software	Not Defined	Not Defined	0.00445	0.00	CVE-2021-3563
03.08.2022	3.4	3.4	OpenStack Nova Neutron Port отказ в обслуживании	Cloud Software	Not Defined	Official Fix	0.00047	0.00	CVE-2022-37394
03.03.2022	4.9	4.7	OpenStack Nova noVNC Redirect	Cloud Software	Not Defined	Official Fix	0.92596	0.04	CVE-2021-3654
09.09.2021	4.3	4.1	OpenStack Neutron API Worker отказ в обслуживании	Cloud Software	Not Defined	Official Fix	0.00118	0.00	CVE-2021-40797
01.09.2021	5.5	5.3	OpenStack Neutron dnsmasq Privilege Escalation	Cloud Software	Not Defined	Official Fix	0.00112	0.00	CVE-2021-40085
23.08.2021	6.3	6.0	OpenStack Neutron Linuxbridge Driver эскалация привилегий	Cloud Software	Not Defined	Official Fix	0.00084	0.00	CVE-2021-38598
07.08.2021	3.1	3.0	OpenStack Keystone Account Lockout раскрытие информации	Cloud Software	Not Defined	Official Fix	0.00171	0.03	CVE-2021-38155
02.06.2021	3.5	3.5	OpenStack Swift Proxy-Server Log раскрытие информации	Cloud Software	Not Defined	Not Defined	0.00054	0.00	CVE-2017-8761
16.10.2020	7.7	7.4	OpenStack blazar-dashboard эскалация привилегий	Cloud Software	Not Defined	Official Fix	0.00233	0.03	CVE-2020-26943
07.05.2020	7.5	7.2	OpenStack OpenStack Keystone EC2 Credential Masquerade слабое шифрование	Cloud Software	Not Defined	Official Fix	0.00765	0.00	CVE-2020-12691
12.03.2020	8.2	7.8	OpenStack Manila эскалация привилегий	Cloud Software	Not Defined	Official Fix	0.00167	0.04	CVE-2020-9543
22.11.2019	6.4	6.4	OpenStack Designate DNS Protocol отказ в обслуживании	Cloud Software	Not Defined	Not Defined	0.00527	0.02	CVE-2015-5694
28.08.2019	8.2	7.8	OpenStack os-vif linuxbridge impl_pyroute2.py PyRoute2.add отказ в обслуживании	Cloud Software	Not Defined	Official Fix	0.00267	0.00	CVE-2019-15753
10.09.2018	7.3	7.3	OpenStack rabbitmq эскалация привилегий	Cloud Software	Not Defined	Not Defined	0.00317	0.03	CVE-2018-14620
27.07.2018	4.9	4.9	OpenStack Workflow Service Log Directory раскрытие информации	Cloud Software	Not Defined	Not Defined	0.00044	0.00	CVE-2017-2622
27.07.2018	4.9	4.9	OpenStack Orchestration Access раскрытие информации	Cloud Software	Not Defined	Official Fix	0.00057	0.03	CVE-2017-2621

162 больше записей не показано

🔒 Login Required

You need to signup and login to see more of the remaining 162 results.

◂ ПредыдущийОбзорДалее ▸

Do you need the next level of professionalism?

Upgrade your account now!