Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-7200

Опубликовано: 15 мар. 2017
Источник: redhat
CVSS3: 6.5
EPSS Низкий

Описание

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.

The copy_from feature in Image Service API v1 allows an attacker to perform masked network port scans. It is possible to create images with a URL such as 'http://localhost:22'. This could allow an attacker to enumerate internal network details while appearing masked, because the scan appears to originate from the Image Service. This is classified as a Server-Side Request Forgery (SSRF). Note: Some knowledge of the internal network might be necessary to exploit this flaw internally (apart from localhost).

Отчет

Because the Image Service APIv1 was deprecated in Newton and because a workaround is possible, no fix is being made available. For impacted products and the recommended mitigation, see the Knowledge Base article for this issue: https://access.redhat.com/security/vulnerabilities/2999581

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)openstack-glanceWill not fix
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)openstack-glanceWill not fix
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)openstack-glanceWill not fix
Red Hat OpenStack Platform 8 (Liberty)openstack-glanceWill not fix
Red Hat OpenStack Platform 9 (Mitaka)openstack-glanceWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-918
https://bugzilla.redhat.com/show_bug.cgi?id=1434244openstack-glance: API v1 copy_from reveals network details

EPSS

Процентиль: 59%
0.00375
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-7200

CVSS3: 5.8
ubuntu
почти 9 лет назад

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.

nvd логотип

CVE-2017-7200

CVSS3: 5.8
nvd
почти 9 лет назад

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.

debian логотип

CVE-2017-7200

CVSS3: 5.8
debian
почти 9 лет назад

An SSRF issue was discovered in OpenStack Glance before Newton. The 'c ...

github логотип

GHSA-j6mr-cm6x-h6jg

CVSS3: 5.8
github
больше 3 лет назад

OpenStack Glance Server-Side Request Forgery (SSRF)

EPSS

Процентиль: 59%
0.00375
Низкий

6.5 Medium

CVSS3