CVE-2023-6110

Опубликовано: 17 нояб. 2024

Источник: debian

EPSS Низкий

Описание

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
python-openstackclient	fixed	6.3.0-2		package
python-openstackclient	no-dsa		bookworm	package
python-openstackclient	no-dsa		bullseye	package
python-openstackclient	not-affected		buster	package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=2212960
https://bugzilla.redhat.com/show_bug.cgi?id=2209607
https://review.opendev.org/888697

EPSS

Процентиль: 31%

0.00115

Низкий

Связанные уязвимости

CVE-2023-6110

CVSS3: 5.5

ubuntu

7 месяцев назад

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

CVE-2023-6110

CVSS3: 5.5

redhat

больше 1 года назад

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

CVE-2023-6110

CVSS3: 5.5

nvd

7 месяцев назад

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

ROS-20241121-02

CVSS3: 5.5

redos

7 месяцев назад

Уязвимость python3-openstackclient

GHSA-2ppf-2m6f-6v6f

CVSS3: 5.5

github

7 месяцев назад

OpenStack improperly deletes access rules

EPSS

Процентиль: 31%

0.00115

Низкий