Описание
Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | openstack-swift-plugin-swift3 | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | openstack-swift-plugin-swift3 | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | openstack-swift-plugin-swift3 | Will not fix | ||
| Red Hat Gluster Storage 3.1 | openstack-swift-plugin-swift3 | Not affected | ||
| Red Hat OpenStack Platform 8 (Liberty) | openstack-swift-plugin-swift3 | Affected |
Показывать по
10
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=1290664openstack-swift-plugin3: replay attack - date/date header unvalidated
EPSS
Процентиль: 56%
0.00344
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
CVSS3: 7.4
ubuntu
около 10 лет назад
Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header.
CVSS3: 7.4
nvd
около 10 лет назад
Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header.
CVSS3: 7.4
debian
около 10 лет назад
Swift3 before 1.9 allows remote attackers to conduct replay attacks vi ...
CVSS3: 7.4
github
больше 3 лет назад
Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header.
EPSS
Процентиль: 56%
0.00344
Низкий
4.3 Medium
CVSS2