PT-2016-6202 · Openstack · Murano-Dashboard+2
Serg Melikyan
+1
·
Publicado
2016-09-26
·
Atualizado
2022-05-17
·
CVE-2016-4972
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OpenStack Murano versions prior to 1.0.3 (liberty) and prior to 2.0.1 (mitaka)
Murano-dashboard versions prior to 1.0.3 (liberty) and prior to 2.0.1 (mitaka)
python-muranoclient versions prior to 0.7.3 (liberty) and prior to 0.8.5 (mitaka)
Description
The issue allows remote attackers to create arbitrary Python objects and execute arbitrary code via crafted extended YAML tags in UI definitions in packages. This is due to the improper use of loaders inherited from
yaml.Loader when parsing MuranoPL and UI files.Recommendations
For OpenStack Murano versions prior to 1.0.3 (liberty) and prior to 2.0.1 (mitaka), update to version 1.0.3 (liberty) or 2.0.1 (mitaka) to resolve the issue.
For Murano-dashboard versions prior to 1.0.3 (liberty) and prior to 2.0.1 (mitaka), update to version 1.0.3 (liberty) or 2.0.1 (mitaka) to resolve the issue.
For python-muranoclient versions prior to 0.7.3 (liberty) and prior to 0.8.5 (mitaka), update to version 0.7.3 (liberty) or 0.8.5 (mitaka) to resolve the issue.
Exploit
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Murano-Dashboard
Openstack Murano
Python-Muranoclient