CVE-2023-6110

Опубликовано: 24 янв. 2024

Источник: redhat

CVSS3: 5.5

Описание

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenStack Platform 16.1	openstack-keystone	Affected
Red Hat OpenStack Platform 16.2	openstack-keystone	Affected
Red Hat OpenStack Platform 17.0	openstack-keystone	Out of support scope
Red Hat OpenStack Platform 18.0	openstack-keystone	Affected
Red Hat OpenStack Platform 17.1 for RHEL 8	python-openstackclient	Fixed	RHSA-2024:2769	22.05.2024
Red Hat OpenStack Platform 17.1 for RHEL 9	python-openstackclient	Fixed	RHSA-2024:2737	22.05.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-237

https://bugzilla.redhat.com/show_bug.cgi?id=2212960openstack: deleting a non existing access rule deletes another existing access rule in it's scope

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2023-6110

CVSS3: 5.5

ubuntu

7 месяцев назад

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

CVE-2023-6110

CVSS3: 5.5

nvd

7 месяцев назад

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

CVE-2023-6110

CVSS3: 5.5

debian

7 месяцев назад

A flaw was found in OpenStack. When a user tries to delete a non-exist ...

ROS-20241121-02

CVSS3: 5.5

redos

7 месяцев назад

Уязвимость python3-openstackclient

GHSA-2ppf-2m6f-6v6f

CVSS3: 5.5

github

7 месяцев назад

OpenStack improperly deletes access rules

5.5 Medium

CVSS3