Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openstack platform 16.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1636
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any ...
Openstack Barbican -
Redhat Openstack Platform 16.1
Redhat Openstack Platform 16.2
Redhat Openstack Platform 17.0
NA
CVE-2023-2088
A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confi...
Redhat Openstack -
NA
CVE-2023-1668
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols ...
Cloudbase Open Vswitch 3.1.0
Cloudbase Open Vswitch
Debian Debian Linux 11.0
Redhat Virtualization 4.0
Redhat Openshift Container Platform 4.0
Redhat Openstack Platform 16.1
Redhat Openstack Platform 16.2
Redhat Openstack Platform 17.0
Redhat Fast Datapath -
NA
CVE-2022-3146
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local malicious user to use brute force to explore the relevant directory and discover the file. This issue leads...
Redhat Openstack 16.1
Redhat Openstack 16.2
Redhat Openstack For Ibm Power 16.1
Redhat Openstack For Ibm Power 16.2
Openstack Tripleo Ansible -
NA
CVE-2022-3101
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local malicious user to use brute force to explore the relevant directory and discover the file, leading to infor...
Redhat Openstack 16.1
Redhat Openstack 16.2
Redhat Openstack For Ibm Power 16.1
Redhat Openstack For Ibm Power 16.2
Openstack Tripleo Ansible -
NA
CVE-2022-3277
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were...
Redhat Openstack Platform 16.1
Redhat Openstack Platform 13.0
Redhat Openstack Platform 16.2
Openstack Neutron
NA
CVE-2022-3100
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
Openstack Barbican -
Redhat Openstack 16.1
Redhat Openstack 16.2
Redhat Openstack For Ibm Power 16.1
Redhat Openstack 13
Redhat Openstack For Ibm Power 13
Redhat Openstack For Ibm Power 16.2
Redhat Openstack 17
Redhat Openstack Platform 13.0
NA
CVE-2022-23451
An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete p...
Openstack Barbican
Redhat Openstack Platform 16.1
Redhat Openstack Platform 13.0
Redhat Openstack Platform 16.2
NA
CVE-2022-23452
An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.
Openstack Barbican
Redhat Openstack Platform 16.1
NA
CVE-2022-2447
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected...
Openstack Keystone -
Redhat Storage 3.0
Redhat Quay 3.0.0
Redhat Openstack Platform 16.1
Redhat Openstack Platform 16.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »