Описание
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 16.1 | openstack-keystone | Affected | ||
| Red Hat OpenStack Platform 16.2 | openstack-keystone | Affected | ||
| Red Hat OpenStack Platform 17.0 | openstack-keystone | Out of support scope | ||
| Red Hat OpenStack Platform 18.0 | openstack-keystone | Affected | ||
| Red Hat OpenStack Platform 17.1 for RHEL 8 | python-openstackclient | Fixed | RHSA-2024:2769 | 22.05.2024 |
| Red Hat OpenStack Platform 17.1 for RHEL 9 | python-openstackclient | Fixed | RHSA-2024:2737 | 22.05.2024 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
A flaw was found in OpenStack. When a user tries to delete a non-exist ...
Уязвимость компонента Access Rule Handler платформы облачных сервисов Red Hat OpenStack Platform, позволяющая нарушителю выполнить отказ в обслуживании
EPSS
5.5 Medium
CVSS3