Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-2637 (GCVE-0-2017-2637)
Vulnerability from cvelistv5 – Published: 2018-07-26 12:00 – Updated: 2024-08-05 14:02
VLAI?
EPSS
Summary
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
Severity ?
9.9 (Critical)
CWE
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| [UNKNOWN] | rhosp-director |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:06.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1546",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"name": "RHSA-2017:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"name": "98576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98576"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"name": "RHSA-2017:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"name": "RHSA-2017:1504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rhosp-director",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-27T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:1546",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"name": "RHSA-2017:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"name": "98576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98576"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"name": "RHSA-2017:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"name": "RHSA-2017:1504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2637",
"datePublished": "2018-07-26T12:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:06.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DAA72A4-AC7D-4544-89D4-5B07961D5A95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8B8C725-34CF-4340-BE7B-37E58CF706D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.\"}, {\"lang\": \"es\", \"value\": \"Se ha detectado un fallo de dise\\u00f1o en el director de Red Hat OpenStack Platform que utiliza TripleO para permitir migraciones live basadas en libvirtd. Libvirtd se implementa por defecto (por el director) escuchando en 0.0.0.0 (todas las interfaces) sin ninguna autenticaci\\u00f3n o cifrado. Cualquiera que sea capaz de hacer una conexi\\u00f3n TCP a cualquier direcci\\u00f3n IP del host, incluyendo 127.0.0.1, otras direcciones de interfaz loopback o, en algunos casos, posibles direcciones que hayan sido expuestas m\\u00e1s all\\u00e1 de la interfaz de administraci\\u00f3n, podr\\u00eda utilizar esto para abrir una sesi\\u00f3n virsh en la instancia libvirtd y obtener el control de las instancias de la m\\u00e1quina virtual o posiblemente tomar el control del host.\"}]",
"id": "CVE-2017-2637",
"lastModified": "2024-11-21T03:23:52.960",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\", \"baseScore\": 9.9, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.1, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 10.0, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-07-26T12:29:00.217",
"references": "[{\"url\": \"http://www.securityfocus.com/bid/98576\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1242\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1504\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1537\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1546\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/solutions/3022771\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://wiki.openstack.org/wiki/OSSN/OSSN-0007\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/98576\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1242\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1504\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1537\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1546\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/solutions/3022771\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://wiki.openstack.org/wiki/OSSN/OSSN-0007\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-2637\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-07-26T12:29:00.217\",\"lastModified\":\"2024-11-21T03:23:52.960\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado un fallo de dise\u00f1o en el director de Red Hat OpenStack Platform que utiliza TripleO para permitir migraciones live basadas en libvirtd. Libvirtd se implementa por defecto (por el director) escuchando en 0.0.0.0 (todas las interfaces) sin ninguna autenticaci\u00f3n o cifrado. Cualquiera que sea capaz de hacer una conexi\u00f3n TCP a cualquier direcci\u00f3n IP del host, incluyendo 127.0.0.1, otras direcciones de interfaz loopback o, en algunos casos, posibles direcciones que hayan sido expuestas m\u00e1s all\u00e1 de la interfaz de administraci\u00f3n, podr\u00eda utilizar esto para abrir una sesi\u00f3n virsh en la instancia libvirtd y obtener el control de las instancias de la m\u00e1quina virtual o posiblemente tomar el control del host.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\",\"baseScore\":9.9,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.1,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DAA72A4-AC7D-4544-89D4-5B07961D5A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B8C725-34CF-4340-BE7B-37E58CF706D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/98576\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1242\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1504\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1537\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1546\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/solutions/3022771\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://wiki.openstack.org/wiki/OSSN/OSSN-0007\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/98576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1504\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/solutions/3022771\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://wiki.openstack.org/wiki/OSSN/OSSN-0007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
GSD-2017-2637
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-2637",
"description": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"id": "GSD-2017-2637",
"references": [
"https://access.redhat.com/errata/RHSA-2017:1546",
"https://access.redhat.com/errata/RHSA-2017:1537",
"https://access.redhat.com/errata/RHSA-2017:1504",
"https://access.redhat.com/errata/RHSA-2017:1242"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-2637"
],
"details": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"id": "GSD-2017-2637",
"modified": "2023-12-13T01:21:06.152450Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rhosp-director",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-306",
"lang": "eng",
"value": "CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/98576",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/98576"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:1242",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:1504",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:1537",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:1546",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"name": "https://access.redhat.com/solutions/3022771",
"refsource": "MISC",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"name": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"refsource": "MISC",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2637"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"name": "https://access.redhat.com/solutions/3022771",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"name": "RHSA-2017:1546",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"name": "RHSA-2017:1537",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"name": "RHSA-2017:1504",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"name": "RHSA-2017:1242",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"name": "98576",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98576"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
},
"lastModifiedDate": "2023-02-12T23:29Z",
"publishedDate": "2018-07-26T12:29Z"
}
}
}
RHSA-2017_1546
Vulnerability from csaf_redhat - Published: 2017-06-20 12:44 - Updated: 2024-11-05 20:04Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1546",
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1457138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457138"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1546.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-05T20:04:11+00:00",
"generator": {
"date": "2024-11-05T20:04:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2017:1546",
"initial_release_date": "2017-06-20T12:44:42+00:00",
"revision_history": [
{
"date": "2017-06-20T12:44:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:44:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:04:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 8.0 Director for RHEL 7",
"product": {
"name": "OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:8::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-kilo@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:44:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017_1242
Vulnerability from csaf_redhat - Published: 2017-05-17 12:19 - Updated: 2024-11-14 22:40Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1242",
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1416228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416228"
},
{
"category": "external",
"summary": "1428017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428017"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437016"
},
{
"category": "external",
"summary": "1441982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441982"
},
{
"category": "external",
"summary": "1448062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448062"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1242.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-14T22:40:07+00:00",
"generator": {
"date": "2024-11-14T22:40:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:1242",
"initial_release_date": "2017-05-17T12:19:05+00:00",
"revision_history": [
{
"date": "2017-05-17T12:19:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-05-17T12:19:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T22:40:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 10.0",
"product": {
"name": "Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:10::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-placement-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cells@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-novncproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-migration@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-conductor@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova-tests@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-serialproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cert@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-common@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-scheduler@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-compute@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-spicehtml5proxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-console@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-network@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-05-17T12:19:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017_1537
Vulnerability from csaf_redhat - Published: 2017-06-20 12:23 - Updated: 2024-11-05 20:04Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1537",
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1537.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-05T20:04:06+00:00",
"generator": {
"date": "2024-11-05T20:04:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2017:1537",
"initial_release_date": "2017-06-20T12:23:41+00:00",
"revision_history": [
{
"date": "2017-06-20T12:23:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:23:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:04:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 7.0 Director for RHEL 7",
"product": {
"name": "OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:23:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017:1504
Vulnerability from csaf_redhat - Published: 2017-06-19 14:45 - Updated: 2025-11-21 18:01Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1504",
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1431673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1431673"
},
{
"category": "external",
"summary": "1457132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457132"
},
{
"category": "external",
"summary": "1457738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457738"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1504.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:01:00+00:00",
"generator": {
"date": "2025-11-21T18:01:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1504",
"initial_release_date": "2017-06-19T14:45:36+00:00",
"revision_history": [
{
"date": "2017-06-19T14:45:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-19T14:45:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:01:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 9.0 Director for RHEL 7",
"product": {
"name": "OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:9::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-liberty@2.0.0-57.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-19T14:45:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017:1537
Vulnerability from csaf_redhat - Published: 2017-06-20 12:23 - Updated: 2025-11-21 18:01Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1537",
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1537.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:01:01+00:00",
"generator": {
"date": "2025-11-21T18:01:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1537",
"initial_release_date": "2017-06-20T12:23:41+00:00",
"revision_history": [
{
"date": "2017-06-20T12:23:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:23:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:01:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 7.0 Director for RHEL 7",
"product": {
"name": "OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:23:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017:1546
Vulnerability from csaf_redhat - Published: 2017-06-20 12:44 - Updated: 2025-11-21 18:01Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1546",
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1457138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457138"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1546.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:01:01+00:00",
"generator": {
"date": "2025-11-21T18:01:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1546",
"initial_release_date": "2017-06-20T12:44:42+00:00",
"revision_history": [
{
"date": "2017-06-20T12:44:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:44:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:01:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 8.0 Director for RHEL 7",
"product": {
"name": "OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:8::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-kilo@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:44:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017_1504
Vulnerability from csaf_redhat - Published: 2017-06-19 14:45 - Updated: 2024-11-05 20:04Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1504",
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1431673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1431673"
},
{
"category": "external",
"summary": "1457132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457132"
},
{
"category": "external",
"summary": "1457738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457738"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1504.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-05T20:04:15+00:00",
"generator": {
"date": "2024-11-05T20:04:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2017:1504",
"initial_release_date": "2017-06-19T14:45:36+00:00",
"revision_history": [
{
"date": "2017-06-19T14:45:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-19T14:45:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:04:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 9.0 Director for RHEL 7",
"product": {
"name": "OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:9::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-liberty@2.0.0-57.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-19T14:45:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017:1242
Vulnerability from csaf_redhat - Published: 2017-05-17 12:19 - Updated: 2025-11-21 18:00Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1242",
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1416228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416228"
},
{
"category": "external",
"summary": "1428017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428017"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437016"
},
{
"category": "external",
"summary": "1441982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441982"
},
{
"category": "external",
"summary": "1448062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448062"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1242.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:00:32+00:00",
"generator": {
"date": "2025-11-21T18:00:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1242",
"initial_release_date": "2017-05-17T12:19:05+00:00",
"revision_history": [
{
"date": "2017-05-17T12:19:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-05-17T12:19:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:00:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 10.0",
"product": {
"name": "Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:10::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-placement-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cells@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-novncproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-migration@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-conductor@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova-tests@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-serialproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cert@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-common@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-scheduler@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-compute@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-spicehtml5proxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-console@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-network@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-05-17T12:19:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
FKIE_CVE-2017-2637
Vulnerability from fkie_nvd - Published: 2018-07-26 12:29 - Updated: 2024-11-21 03:23
Severity ?
9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
10.0 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host."
},
{
"lang": "es",
"value": "Se ha detectado un fallo de dise\u00f1o en el director de Red Hat OpenStack Platform que utiliza TripleO para permitir migraciones live basadas en libvirtd. Libvirtd se implementa por defecto (por el director) escuchando en 0.0.0.0 (todas las interfaces) sin ninguna autenticaci\u00f3n o cifrado. Cualquiera que sea capaz de hacer una conexi\u00f3n TCP a cualquier direcci\u00f3n IP del host, incluyendo 127.0.0.1, otras direcciones de interfaz loopback o, en algunos casos, posibles direcciones que hayan sido expuestas m\u00e1s all\u00e1 de la interfaz de administraci\u00f3n, podr\u00eda utilizar esto para abrir una sesi\u00f3n virsh en la instancia libvirtd y obtener el control de las instancias de la m\u00e1quina virtual o posiblemente tomar el control del host."
}
],
"id": "CVE-2017-2637",
"lastModified": "2024-11-21T03:23:52.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-26T12:29:00.217",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98576"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
CNVD-2017-10580
Vulnerability from cnvd - Published: 2017-06-22
VLAI Severity ?
Title
Red Hat OpenStack Platform远程提权漏洞
Description
Red Hat OpenStack Platform是美国红帽(Red Hat)公司的一套为私有云、公有云和混合云提供下一代IaaS(基础设施即服务)核心的平台。
RedHat OpenStack Platformis存在远程提权漏洞。攻击者可以利用该漏洞获取权限提升。
Severity
高
Patch Name
Red Hat OpenStack Platform远程提权漏洞的补丁
Patch Description
Red Hat OpenStack Platform是美国红帽(Red Hat)公司的一套为私有云、公有云和混合云提供下一代IaaS(基础设施即服务)核心的平台。
RedHat OpenStack Platformis存在远程提权漏洞。攻击者可以利用该漏洞获取权限提升。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: https://rhn.redhat.com/errata/RHSA-2017-1242.html
Reference
http://www.securityfocus.com/bid/98576
Impacted products
| Name | ['Red Hat OpenStack Platform 10', 'Red Hat OpenStack Platform Director 9.0', 'Red Hat OpenStack 8.0 Director for RHEL 70', 'Red Hat OpenStack 7.0 Director for RHEL 70'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "98576"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-2637",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2637"
}
},
"description": "Red Hat OpenStack Platform\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u79c1\u6709\u4e91\u3001\u516c\u6709\u4e91\u548c\u6df7\u5408\u4e91\u63d0\u4f9b\u4e0b\u4e00\u4ee3IaaS\uff08\u57fa\u7840\u8bbe\u65bd\u5373\u670d\u52a1\uff09\u6838\u5fc3\u7684\u5e73\u53f0\u3002\r\n\r\nRedHat OpenStack Platformis\u5b58\u5728\u8fdc\u7a0b\u63d0\u6743\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6743\u9650\u63d0\u5347\u3002",
"discovererName": "David Gurtner (Red Hat)",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://rhn.redhat.com/errata/RHSA-2017-1242.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-10580",
"openTime": "2017-06-22",
"patchDescription": "Red Hat OpenStack Platform\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u79c1\u6709\u4e91\u3001\u516c\u6709\u4e91\u548c\u6df7\u5408\u4e91\u63d0\u4f9b\u4e0b\u4e00\u4ee3IaaS\uff08\u57fa\u7840\u8bbe\u65bd\u5373\u670d\u52a1\uff09\u6838\u5fc3\u7684\u5e73\u53f0\u3002\r\n\r\nRedHat OpenStack Platformis\u5b58\u5728\u8fdc\u7a0b\u63d0\u6743\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6743\u9650\u63d0\u5347\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Red Hat OpenStack Platform\u8fdc\u7a0b\u63d0\u6743\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Red Hat OpenStack Platform 10",
"Red Hat OpenStack Platform Director 9.0",
"Red Hat OpenStack 8.0 Director for RHEL 70",
"Red Hat OpenStack 7.0 Director for RHEL 70"
]
},
"referenceLink": "http://www.securityfocus.com/bid/98576",
"serverity": "\u9ad8",
"submitTime": "2017-05-24",
"title": "Red Hat OpenStack Platform\u8fdc\u7a0b\u63d0\u6743\u6f0f\u6d1e"
}
GHSA-W8FQ-H7PG-632C
Vulnerability from github – Published: 2022-05-13 01:07 – Updated: 2022-05-13 01:07
VLAI?
Details
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
Severity ?
10.0 (Critical)
{
"affected": [],
"aliases": [
"CVE-2017-2637"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-26T12:29:00Z",
"severity": "CRITICAL"
},
"details": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"id": "GHSA-w8fq-h7pg-632c",
"modified": "2022-05-13T01:07:32Z",
"published": "2022-05-13T01:07:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"type": "WEB",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"type": "WEB",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98576"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…