CVE-2017-16239

Опубликовано: 14 нояб. 2017

Источник: ubuntu

Приоритет: low

CVSS2: 4

CVSS3: 6.5

Описание

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3.

Релиз	Статус	Примечание
artful	not-affected	16.0.3-0ubuntu1
bionic	not-affected	2:17.0.0~rc2-0ubuntu1
cosmic	not-affected	2:17.0.0~rc2-0ubuntu1
devel	not-affected	2:17.0.0~rc2-0ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [code not present]]
esm-infra/bionic	not-affected	2:17.0.0~rc2-0ubuntu1
esm-infra/xenial	ignored
precise/esm	DNE
trusty	not-affected	code not present
trusty/esm	DNE	trusty was not-affected [code not present]

Показывать по

Ссылки на источники

4 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2017-16239

CVSS3: 5.4

redhat

около 8 лет назад

CVE-2017-16239

CVSS3: 6.5

nvd

около 8 лет назад

CVE-2017-16239

CVSS3: 6.5

debian

около 8 лет назад

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x throug ...

GHSA-w2wf-cgwh-vpqg

CVSS3: 6.5

github

больше 3 лет назад

OpenStack Nova Filter Scheduler Bypass

4 Medium

CVSS2

6.5 Medium

CVSS3

CVE-2017-16239

Описание

Пакет nova

Ссылки на источники

Связанные уязвимости