[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4056-1 nova -- nova

ID: oval:org.secpod.oval:def:603203Date: (C)2017-12-15   (M)2022-08-31
Class: PATCHFamily: unix




George Shuklin from servers.com discovered that Nova, a cloud computing fabric controller, did not correctly enforce its image- or hosts-filters. This allowed an authenticated user to bypass those filters by simply rebuilding an instance.

Platform:
Debian 9.x
Product:
nova-doc
nova-cert
nova-compute
nova-conductor
nova-api
nova-common
python-nova
nova-network
nova-volume
nova-scheduler
nova-console
nova-placement-api
nova-cells
Reference:
DSA-4056-1
CVE-2017-16239
CVE    1
CVE-2017-16239
CPE    4
cpe:/a:openstack:nova-common
cpe:/a:openstack:python-nova
cpe:/o:debian:debian_linux:9.x
cpe:/a:openstack:nova-volume
...

© SecPod Technologies