Openstack Sårbarheter

Tidslinje

Typ

Cloud Software	186

Produkt

OpenStack Compute	26
OpenStack Keystone	23
OpenStack Horizon	13
OpenStack Neutron	13
OpenStack Swift	9

Åtgärd

Official Fix	132
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	54

Utnyttjbarhet

High	0
Functional	0
Proof-of-Concept	1
Unproven	3
Not Defined	182

Åtkomstvektor

Not Defined	0
Physical	0
Local	21
Adjacent	15
Network	150

Autentisering

Not Defined	0
High	0
Low	103
None	83

Användarinteraktion

Not Defined	0
Required	17
None	169

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	24
≤5	54
≤6	47
≤7	33
≤8	19
≤9	7
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	3
≤4	23
≤5	53
≤6	62
≤7	23
≤8	18
≤9	3
≤10	1

VulDB

≤1	0
≤2	0
≤3	2
≤4	28
≤5	51
≤6	48
≤7	31
≤8	22
≤9	3
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	2
≤5	5
≤6	9
≤7	6
≤8	8
≤9	3
≤10	8

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	2
≤7	0
≤8	0
≤9	1
≤10	0

Säljare

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Utnyttja 0-dagars

<1k	53
<2k	60
<5k	73
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Utnyttja idag

<1k	184
<2k	1
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Utnyttja marknadsvolymen

🔴 CTI Aktiviteter

Affected Products (56): Barbican (2), Ceilometer (1), Cinder (3), Compute (26), Compute (Nova) (1), Dashboard (3), Delivery Service (1), Designate (1), Diablo (1), Essex (1), Folsom (8), Glance (5), Grizzly (8), Havana (5), Heat (4), Horizon (13), Identity (2), Image Registry (1), Image Registry And Delivery Service (7), Image Registry And Delivery Service (glance) (1), Image Service (3), Ironic (2), Ironic Inspector (1), Keystone (23), Keystone Folsom (1), Manila (2), Murano (2), Neutron (13), Newton (1), Nova (6), Nova-LXD (1), Object Storage (3), Ocata (1), OpenStack Keystone (1), Orchestration (1), Puppet Module for Gerrit (1), PyCADF (1), Sushy-Tools (1), Swauth (1), Swift (9), Swift-on-File (1), Trove (2), Undercloud (1), VirtualBMC (1), Workflow (1), blazar-dashboard (1), devstack (1), horizon (2), icehouse (1), keystonemiddleware (2), magnum yoga-eom (1), neutron (1), os-vif (1), python-keystoneclient (3), rabbitmq (1), swift (1)

Link to Vendor Website: https://www.openstack.org/

Publicerad	Base	Temp	Sårbarhet	Prod	Utn	Rem	EPSS	CTI	CVE
12/04/2024	6.3	6.3	OpenStack magnum yoga-eom cert_manager.py minneskorruption	Cloud Software	Not Defined	Not Defined	0.00045	0.04	CVE-2024-28718
18/03/2024	2.6	2.5	OpenStack Murano YAQL informationsgivning	Cloud Software	Not Defined	Official Fix	0.00045	0.04	CVE-2024-29156
21/09/2023	7.1	7.1	OpenStack Undercloud informationsgivning	Cloud Software	Not Defined	Not Defined	0.00236	0.00	CVE-2022-3596
23/08/2023	4.5	4.5	OpenStack Horizon Web Dashboard Redirect	Cloud Software	Not Defined	Official Fix	0.00052	0.06	CVE-2022-45582
22/04/2023	3.5	3.5	OpenStack Barbican Configuration File informationsgivning	Cloud Software	Not Defined	Not Defined	0.00042	0.02	CVE-2023-1633
22/04/2023	5.5	5.5	OpenStack Barbican Container Isolation privilegier eskalering	Cloud Software	Not Defined	Not Defined	0.00045	0.06	CVE-2023-1636
18/01/2023	5.4	5.3	OpenStack Swift XML File informationsgivning	Cloud Software	Not Defined	Official Fix	0.00080	0.02	CVE-2022-47950
31/10/2022	5.0	5.0	OpenStack Sushy-Tools/VirtualBMC Boot Configuration privilegier eskalering	Cloud Software	Not Defined	Not Defined	0.00048	0.00	CVE-2022-44020
26/08/2022	7.3	7.3	OpenStack Keystone Application Secret minneskorruption	Cloud Software	Not Defined	Not Defined	0.00445	0.02	CVE-2021-3563
03/08/2022	3.4	3.4	OpenStack Nova Neutron Port förnekande av tjänsten	Cloud Software	Not Defined	Official Fix	0.00047	0.00	CVE-2022-37394
03/03/2022	4.9	4.7	OpenStack Nova noVNC Redirect	Cloud Software	Not Defined	Official Fix	0.92596	0.04	CVE-2021-3654
09/09/2021	4.3	4.1	OpenStack Neutron API Worker förnekande av tjänsten	Cloud Software	Not Defined	Official Fix	0.00118	0.00	CVE-2021-40797
01/09/2021	5.5	5.3	OpenStack Neutron dnsmasq Privilege Escalation	Cloud Software	Not Defined	Official Fix	0.00112	0.00	CVE-2021-40085
23/08/2021	6.3	6.0	OpenStack Neutron Linuxbridge Driver privilegier eskalering	Cloud Software	Not Defined	Official Fix	0.00084	0.00	CVE-2021-38598
07/08/2021	3.1	3.0	OpenStack Keystone Account Lockout informationsgivning	Cloud Software	Not Defined	Official Fix	0.00155	0.03	CVE-2021-38155
02/06/2021	3.5	3.5	OpenStack Swift Proxy-Server Log informationsgivning	Cloud Software	Not Defined	Not Defined	0.00054	0.00	CVE-2017-8761
16/10/2020	7.7	7.4	OpenStack blazar-dashboard privilegier eskalering	Cloud Software	Not Defined	Official Fix	0.00233	0.03	CVE-2020-26943
07/05/2020	7.5	7.2	OpenStack OpenStack Keystone EC2 Credential Masquerade svag kryptering	Cloud Software	Not Defined	Official Fix	0.00765	0.00	CVE-2020-12691
12/03/2020	8.2	7.8	OpenStack Manila privilegier eskalering	Cloud Software	Not Defined	Official Fix	0.00167	0.04	CVE-2020-9543
22/11/2019	6.4	6.4	OpenStack Designate DNS Protocol förnekande av tjänsten	Cloud Software	Not Defined	Not Defined	0.00527	0.02	CVE-2015-5694
28/08/2019	8.2	7.8	OpenStack os-vif linuxbridge impl_pyroute2.py PyRoute2.add förnekande av tjänsten	Cloud Software	Not Defined	Official Fix	0.00267	0.00	CVE-2019-15753
10/09/2018	7.3	7.3	OpenStack rabbitmq privilegier eskalering	Cloud Software	Not Defined	Not Defined	0.00317	0.03	CVE-2018-14620
27/07/2018	4.9	4.9	OpenStack Workflow Service Log Directory informationsgivning	Cloud Software	Not Defined	Not Defined	0.00044	0.00	CVE-2017-2622
27/07/2018	4.9	4.9	OpenStack Orchestration Access informationsgivning	Cloud Software	Not Defined	Official Fix	0.00057	0.03	CVE-2017-2621
21/11/2017	8.5	8.4	OpenStack Swauth Middleware Authentication middleware.py svag autentisering	Cloud Software	Not Defined	Official Fix	0.00439	0.04	CVE-2017-16613

161 fler poster visas inte

🔒 Login Required

You need to signup and login to see more of the remaining 161 results.

◂ TidigareÖversiktNästa ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!