Описание
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:openstack:barbican:-:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:redhat:openstack:13:*:*:*:els:*:*:*
cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:16.2:-:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack_for_ibm_power:13:*:*:*:els:*:*:*
cpe:2.3:a:redhat:openstack_for_ibm_power:16.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack_for_ibm_power:16.2:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00206
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-305
Связанные уязвимости
CVSS3: 5.9
ubuntu
около 3 лет назад
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
CVSS3: 7.1
redhat
больше 3 лет назад
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
CVSS3: 5.9
debian
около 3 лет назад
A flaw was found in the openstack-barbican component. This issue allow ...
CVSS3: 5.9
github
около 3 лет назад
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
EPSS
Процентиль: 43%
0.00206
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-305