Описание
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
When libvirtd is configured by OSP director (tripleo-heat-templates) to use TLS transport, it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured, this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Director | rhosp-director | Not affected | ||
| Red Hat OpenStack Platform 10 (Newton) | rhosp-director | Not affected | ||
| Red Hat OpenStack Platform 11 (Ocata) | rhosp-director | Not affected | ||
| Red Hat OpenStack Platform 12 (Pike) | rhosp-director | Not affected | ||
| Red Hat OpenStack Platform 8 (Liberty) Director | rhosp-director | Not affected | ||
| Red Hat OpenStack Platform 9 (Mitaka) Director | rhosp-director | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.6 High
CVSS3
Связанные уязвимости
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
When libvirtd is configured by OSP director (tripleo-heat-templates) t ...
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes.
EPSS
7.6 High
CVSS3