PT-2017-14361 · Openstack · Openstack Nova

George Shuklin

Publicado

2017-11-14

Atualizado

2022-05-13

CVE-2017-16239

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions OpenStack Nova versions 14.0.0 through 14.0.9 OpenStack Nova versions 15.0.0 through 15.0.7 OpenStack Nova versions 16.0.0 through 16.0.2

Description The issue allows an authenticated user to bypass imposed filters, such as the ImagePropertiesFilter or the IsolatedHostsFilter, in the Nova Filter Scheduler by rebuilding an instance. All setups using Nova Filter Scheduler are affected.

Recommendations For OpenStack Nova versions 14.0.0 through 14.0.9, update to a version after 14.0.10. For OpenStack Nova versions 15.0.0 through 15.0.7, update to a version after 15.0.8. For OpenStack Nova versions 16.0.0 through 16.0.2, update to a version after 16.0.3.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2017-16239

DSA-4056-1

GHSA-W2WF-CGWH-VPQG

RHSA-2018:0241

RHSA-2018:0314

RHSA-2018:0369

SUSE-SU-2017:3080-1

Produtos afetados

Openstack Nova

PT-2017-14361 · Openstack · Openstack Nova

CVE-2017-16239

Identificadores relacionados

Produtos afetados

Referências · 25