Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-2637 (GCVE-0-2017-2637)
Vulnerability from cvelistv5
Published
2018-07-26 12:00
Modified
2024-08-05 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| [UNKNOWN] | rhosp-director |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:06.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1546",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"name": "RHSA-2017:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"name": "98576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98576"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"name": "RHSA-2017:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"name": "RHSA-2017:1504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rhosp-director",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-27T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:1546",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"name": "RHSA-2017:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"name": "98576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98576"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"name": "RHSA-2017:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"name": "RHSA-2017:1504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2637",
"datePublished": "2018-07-26T12:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:06.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-2637\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-07-26T12:29:00.217\",\"lastModified\":\"2024-11-21T03:23:52.960\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado un fallo de dise\u00f1o en el director de Red Hat OpenStack Platform que utiliza TripleO para permitir migraciones live basadas en libvirtd. Libvirtd se implementa por defecto (por el director) escuchando en 0.0.0.0 (todas las interfaces) sin ninguna autenticaci\u00f3n o cifrado. Cualquiera que sea capaz de hacer una conexi\u00f3n TCP a cualquier direcci\u00f3n IP del host, incluyendo 127.0.0.1, otras direcciones de interfaz loopback o, en algunos casos, posibles direcciones que hayan sido expuestas m\u00e1s all\u00e1 de la interfaz de administraci\u00f3n, podr\u00eda utilizar esto para abrir una sesi\u00f3n virsh en la instancia libvirtd y obtener el control de las instancias de la m\u00e1quina virtual o posiblemente tomar el control del host.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\",\"baseScore\":9.9,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.1,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DAA72A4-AC7D-4544-89D4-5B07961D5A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B8C725-34CF-4340-BE7B-37E58CF706D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/98576\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1242\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1504\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1537\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1546\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/solutions/3022771\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://wiki.openstack.org/wiki/OSSN/OSSN-0007\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/98576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1504\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/solutions/3022771\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://wiki.openstack.org/wiki/OSSN/OSSN-0007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
rhsa-2017:1546
Vulnerability from csaf_redhat
Published
2017-06-20 12:44
Modified
2025-11-21 18:01
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1546",
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1457138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457138"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1546.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:01:01+00:00",
"generator": {
"date": "2025-11-21T18:01:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1546",
"initial_release_date": "2017-06-20T12:44:42+00:00",
"revision_history": [
{
"date": "2017-06-20T12:44:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:44:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:01:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 8.0 Director for RHEL 7",
"product": {
"name": "OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:8::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-kilo@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:44:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
rhsa-2017:1537
Vulnerability from csaf_redhat
Published
2017-06-20 12:23
Modified
2025-11-21 18:01
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1537",
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1537.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:01:01+00:00",
"generator": {
"date": "2025-11-21T18:01:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1537",
"initial_release_date": "2017-06-20T12:23:41+00:00",
"revision_history": [
{
"date": "2017-06-20T12:23:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:23:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:01:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 7.0 Director for RHEL 7",
"product": {
"name": "OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:23:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
rhsa-2017:1504
Vulnerability from csaf_redhat
Published
2017-06-19 14:45
Modified
2025-11-21 18:01
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1504",
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1431673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1431673"
},
{
"category": "external",
"summary": "1457132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457132"
},
{
"category": "external",
"summary": "1457738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457738"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1504.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:01:00+00:00",
"generator": {
"date": "2025-11-21T18:01:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1504",
"initial_release_date": "2017-06-19T14:45:36+00:00",
"revision_history": [
{
"date": "2017-06-19T14:45:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-19T14:45:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:01:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 9.0 Director for RHEL 7",
"product": {
"name": "OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:9::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-liberty@2.0.0-57.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-19T14:45:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017:1242
Vulnerability from csaf_redhat
Published
2017-05-17 12:19
Modified
2025-11-21 18:00
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1242",
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1416228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416228"
},
{
"category": "external",
"summary": "1428017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428017"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437016"
},
{
"category": "external",
"summary": "1441982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441982"
},
{
"category": "external",
"summary": "1448062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448062"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1242.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:00:32+00:00",
"generator": {
"date": "2025-11-21T18:00:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1242",
"initial_release_date": "2017-05-17T12:19:05+00:00",
"revision_history": [
{
"date": "2017-05-17T12:19:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-05-17T12:19:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:00:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 10.0",
"product": {
"name": "Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:10::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-placement-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cells@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-novncproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-migration@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-conductor@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova-tests@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-serialproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cert@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-common@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-scheduler@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-compute@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-spicehtml5proxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-console@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-network@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-05-17T12:19:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017:1546
Vulnerability from csaf_redhat
Published
2017-06-20 12:44
Modified
2025-11-21 18:01
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1546",
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1457138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457138"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1546.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:01:01+00:00",
"generator": {
"date": "2025-11-21T18:01:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1546",
"initial_release_date": "2017-06-20T12:44:42+00:00",
"revision_history": [
{
"date": "2017-06-20T12:44:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:44:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:01:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 8.0 Director for RHEL 7",
"product": {
"name": "OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:8::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-kilo@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:44:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017:1537
Vulnerability from csaf_redhat
Published
2017-06-20 12:23
Modified
2025-11-21 18:01
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1537",
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1537.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:01:01+00:00",
"generator": {
"date": "2025-11-21T18:01:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1537",
"initial_release_date": "2017-06-20T12:23:41+00:00",
"revision_history": [
{
"date": "2017-06-20T12:23:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:23:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:01:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 7.0 Director for RHEL 7",
"product": {
"name": "OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:23:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
rhsa-2017_1537
Vulnerability from csaf_redhat
Published
2017-06-20 12:23
Modified
2024-11-14 22:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 7.0 (Kilo).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1537",
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1537.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-14T22:40:45+00:00",
"generator": {
"date": "2024-11-14T22:40:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:1537",
"initial_release_date": "2017-06-20T12:23:41+00:00",
"revision_history": [
{
"date": "2017-06-20T12:23:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:23:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T22:40:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 7.0 Director for RHEL 7",
"product": {
"name": "OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.6-135.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_id": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-rdomanager-oscplugin@0.0.10-34.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.1-6.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src as a component of OpenStack 7.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
},
"product_reference": "python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:23:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-heat-templates-0:0.8.6-135.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:openstack-tripleo-puppet-elements-0:0.0.1-6.el7ost.src",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.noarch",
"7Server-RH7-RHOS-7.0-Director:python-rdomanager-oscplugin-0:0.0.10-34.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
RHSA-2017:1504
Vulnerability from csaf_redhat
Published
2017-06-19 14:45
Modified
2025-11-21 18:01
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1504",
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1431673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1431673"
},
{
"category": "external",
"summary": "1457132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457132"
},
{
"category": "external",
"summary": "1457738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457738"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1504.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:01:00+00:00",
"generator": {
"date": "2025-11-21T18:01:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1504",
"initial_release_date": "2017-06-19T14:45:36+00:00",
"revision_history": [
{
"date": "2017-06-19T14:45:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-19T14:45:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:01:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 9.0 Director for RHEL 7",
"product": {
"name": "OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:9::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-liberty@2.0.0-57.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-19T14:45:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
rhsa-2017_1546
Vulnerability from csaf_redhat
Published
2017-06-20 12:44
Modified
2024-11-14 22:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 8.0 (Liberty).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1546",
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1457138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457138"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1546.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-14T22:40:50+00:00",
"generator": {
"date": "2024-11-14T22:40:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:1546",
"initial_release_date": "2017-06-20T12:44:42+00:00",
"revision_history": [
{
"date": "2017-06-20T12:44:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-20T12:44:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T22:40:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 8.0 Director for RHEL 7",
"product": {
"name": "OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:8::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-kilo@0.8.14-29.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@0.3.4-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@0.0.5-2.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:0.3.4-14.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:0.3.4-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-20T12:44:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-29.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-29.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-puppet-elements-0:0.0.5-2.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:python-tripleoclient-0:0.3.4-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
rhsa-2017_1504
Vulnerability from csaf_redhat
Published
2017-06-19 14:45
Modified
2024-11-14 22:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 9.0 (Mitaka).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1504",
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1431673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1431673"
},
{
"category": "external",
"summary": "1457132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457132"
},
{
"category": "external",
"summary": "1457738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457738"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1504.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-14T22:40:55+00:00",
"generator": {
"date": "2024-11-14T22:40:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:1504",
"initial_release_date": "2017-06-19T14:45:36+00:00",
"revision_history": [
{
"date": "2017-06-19T14:45:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-06-19T14:45:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T22:40:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 9.0 Director for RHEL 7",
"product": {
"name": "OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:9::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_id": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@2.0.0-14.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@2.0.0-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-57.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-liberty@2.0.0-57.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:2.0.0-14.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
},
"product_reference": "python-tripleoclient-0:2.0.0-14.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-06-19T14:45:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-57.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-57.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-puppet-elements-0:2.0.0-6.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:python-tripleoclient-0:2.0.0-14.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
rhsa-2017_1242
Vulnerability from csaf_redhat
Published
2017-05-17 12:19
Modified
2024-11-14 22:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1242",
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1416228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416228"
},
{
"category": "external",
"summary": "1428017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428017"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437016"
},
{
"category": "external",
"summary": "1441982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441982"
},
{
"category": "external",
"summary": "1448062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448062"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1242.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-14T22:40:07+00:00",
"generator": {
"date": "2024-11-14T22:40:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:1242",
"initial_release_date": "2017-05-17T12:19:05+00:00",
"revision_history": [
{
"date": "2017-05-17T12:19:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-05-17T12:19:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T22:40:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 10.0",
"product": {
"name": "Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:10::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-placement-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cells@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-novncproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-migration@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-conductor@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova-tests@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-serialproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cert@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-common@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-scheduler@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-compute@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-spicehtml5proxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-console@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-network@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-05-17T12:19:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
rhsa-2017:1242
Vulnerability from csaf_redhat
Published
2017-05-17 12:19
Modified
2025-11-21 18:00
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)
A KCS article with more information on this flaw is available at:
https://access.redhat.com/solutions/3022771
This issue was discovered by David Gurtner (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. (CVE-2017-2637)\n\nA KCS article with more information on this flaw is available at:\nhttps://access.redhat.com/solutions/3022771\n\nThis issue was discovered by David Gurtner (Red Hat).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:1242",
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "1416228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416228"
},
{
"category": "external",
"summary": "1428017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428017"
},
{
"category": "external",
"summary": "1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "1437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437016"
},
{
"category": "external",
"summary": "1441982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441982"
},
{
"category": "external",
"summary": "1448062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448062"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1242.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:00:32+00:00",
"generator": {
"date": "2025-11-21T18:00:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:1242",
"initial_release_date": "2017-05-17T12:19:05+00:00",
"revision_history": [
{
"date": "2017-05-17T12:19:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-05-17T12:19:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:00:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 10.0",
"product": {
"name": "Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:10::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@5.2.0-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-placement-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cells@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-novncproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-migration@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-conductor@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-api@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova-tests@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-serialproxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-cert@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-common@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-scheduler@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "python-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-compute@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-spicehtml5proxy@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-console@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_id": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-nova-network@14.0.3-9.el7ost?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_id": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@9.5.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_id": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.5.0-12.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_id": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@5.4.1-6.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.2.0-15.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-1:14.0.3-9.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src"
},
"product_reference": "openstack-nova-1:14.0.3-9.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-common-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-console-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-network-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:5.4.1-6.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src"
},
"product_reference": "openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:9.5.0-4.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src"
},
"product_reference": "puppet-nova-0:9.5.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.5.0-12.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src"
},
"product_reference": "puppet-tripleo-0:5.5.0-12.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-tests-1:14.0.3-9.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
},
"product_reference": "python-nova-tests-1:14.0.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"David Gurtner"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-2637",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2017-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1428240"
}
],
"notes": [
{
"category": "description",
"text": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhosp-director: libvirtd is deployed with no authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"category": "external",
"summary": "RHBZ#1428240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3022771",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"category": "external",
"summary": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"release_date": "2017-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-05-17T12:19:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"category": "workaround",
"details": "A KCS article with more details on this flaw is available at: https://access.redhat.com/solutions/3022771",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-1:14.0.3-9.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-nova-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cells-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-cert-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-common-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-compute-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-conductor-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-console-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-migration-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-network-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-novncproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-placement-api-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-scheduler-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-serialproxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-nova-spicehtml5proxy-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-common-0:5.4.1-6.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.2.0-15.el7ost.src",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-puppet-elements-0:5.2.0-3.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-nova-0:9.5.0-4.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.5.0-12.el7ost.src",
"7Server-RH7-RHOS-10.0:python-nova-1:14.0.3-9.el7ost.noarch",
"7Server-RH7-RHOS-10.0:python-nova-tests-1:14.0.3-9.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rhosp-director: libvirtd is deployed with no authentication"
}
]
}
ghsa-w8fq-h7pg-632c
Vulnerability from github
Published
2022-05-13 01:07
Modified
2022-05-13 01:07
Severity ?
VLAI Severity ?
Details
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
{
"affected": [],
"aliases": [
"CVE-2017-2637"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-26T12:29:00Z",
"severity": "CRITICAL"
},
"details": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"id": "GHSA-w8fq-h7pg-632c",
"modified": "2022-05-13T01:07:32Z",
"published": "2022-05-13T01:07:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2637"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2017-2637"
},
{
"type": "WEB",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428240"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"type": "WEB",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98576"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
cnvd-2017-10580
Vulnerability from cnvd
Title
Red Hat OpenStack Platform远程提权漏洞
Description
Red Hat OpenStack Platform是美国红帽(Red Hat)公司的一套为私有云、公有云和混合云提供下一代IaaS(基础设施即服务)核心的平台。
RedHat OpenStack Platformis存在远程提权漏洞。攻击者可以利用该漏洞获取权限提升。
Severity
高
VLAI Severity ?
Patch Name
Red Hat OpenStack Platform远程提权漏洞的补丁
Patch Description
Red Hat OpenStack Platform是美国红帽(Red Hat)公司的一套为私有云、公有云和混合云提供下一代IaaS(基础设施即服务)核心的平台。
RedHat OpenStack Platformis存在远程提权漏洞。攻击者可以利用该漏洞获取权限提升。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: https://rhn.redhat.com/errata/RHSA-2017-1242.html
Reference
http://www.securityfocus.com/bid/98576
Impacted products
| Name | ['Red Hat OpenStack Platform 10', 'Red Hat OpenStack Platform Director 9.0', 'Red Hat OpenStack 8.0 Director for RHEL 70', 'Red Hat OpenStack 7.0 Director for RHEL 70'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "98576"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-2637",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2637"
}
},
"description": "Red Hat OpenStack Platform\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u79c1\u6709\u4e91\u3001\u516c\u6709\u4e91\u548c\u6df7\u5408\u4e91\u63d0\u4f9b\u4e0b\u4e00\u4ee3IaaS\uff08\u57fa\u7840\u8bbe\u65bd\u5373\u670d\u52a1\uff09\u6838\u5fc3\u7684\u5e73\u53f0\u3002\r\n\r\nRedHat OpenStack Platformis\u5b58\u5728\u8fdc\u7a0b\u63d0\u6743\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6743\u9650\u63d0\u5347\u3002",
"discovererName": "David Gurtner (Red Hat)",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://rhn.redhat.com/errata/RHSA-2017-1242.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-10580",
"openTime": "2017-06-22",
"patchDescription": "Red Hat OpenStack Platform\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u79c1\u6709\u4e91\u3001\u516c\u6709\u4e91\u548c\u6df7\u5408\u4e91\u63d0\u4f9b\u4e0b\u4e00\u4ee3IaaS\uff08\u57fa\u7840\u8bbe\u65bd\u5373\u670d\u52a1\uff09\u6838\u5fc3\u7684\u5e73\u53f0\u3002\r\n\r\nRedHat OpenStack Platformis\u5b58\u5728\u8fdc\u7a0b\u63d0\u6743\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6743\u9650\u63d0\u5347\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Red Hat OpenStack Platform\u8fdc\u7a0b\u63d0\u6743\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Red Hat OpenStack Platform 10",
"Red Hat OpenStack Platform Director 9.0",
"Red Hat OpenStack 8.0 Director for RHEL 70",
"Red Hat OpenStack 7.0 Director for RHEL 70"
]
},
"referenceLink": "http://www.securityfocus.com/bid/98576",
"serverity": "\u9ad8",
"submitTime": "2017-05-24",
"title": "Red Hat OpenStack Platform\u8fdc\u7a0b\u63d0\u6743\u6f0f\u6d1e"
}
gsd-2017-2637
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-2637",
"description": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"id": "GSD-2017-2637",
"references": [
"https://access.redhat.com/errata/RHSA-2017:1546",
"https://access.redhat.com/errata/RHSA-2017:1537",
"https://access.redhat.com/errata/RHSA-2017:1504",
"https://access.redhat.com/errata/RHSA-2017:1242"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-2637"
],
"details": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.",
"id": "GSD-2017-2637",
"modified": "2023-12-13T01:21:06.152450Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rhosp-director",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-306",
"lang": "eng",
"value": "CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/98576",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/98576"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:1242",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:1504",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:1537",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"name": "https://access.redhat.com/errata/RHSA-2017:1546",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"name": "https://access.redhat.com/solutions/3022771",
"refsource": "MISC",
"url": "https://access.redhat.com/solutions/3022771"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"name": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"refsource": "MISC",
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2637"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"name": "https://access.redhat.com/solutions/3022771",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"name": "RHSA-2017:1546",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"name": "RHSA-2017:1537",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"name": "RHSA-2017:1504",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"name": "RHSA-2017:1242",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"name": "98576",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98576"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
},
"lastModifiedDate": "2023-02-12T23:29Z",
"publishedDate": "2018-07-26T12:29Z"
}
}
}
fkie_cve-2017-2637
Vulnerability from fkie_nvd
Published
2018-07-26 12:29
Modified
2024-11-21 03:23
Severity ?
9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
10.0 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/98576 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1242 | Vendor Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1504 | Vendor Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1537 | Vendor Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1546 | Vendor Advisory | |
| secalert@redhat.com | https://access.redhat.com/solutions/3022771 | Mitigation, Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637 | Issue Tracking, Mitigation, Vendor Advisory | |
| secalert@redhat.com | https://wiki.openstack.org/wiki/OSSN/OSSN-0007 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98576 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1242 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1504 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1537 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1546 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/solutions/3022771 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637 | Issue Tracking, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.openstack.org/wiki/OSSN/OSSN-0007 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host."
},
{
"lang": "es",
"value": "Se ha detectado un fallo de dise\u00f1o en el director de Red Hat OpenStack Platform que utiliza TripleO para permitir migraciones live basadas en libvirtd. Libvirtd se implementa por defecto (por el director) escuchando en 0.0.0.0 (todas las interfaces) sin ninguna autenticaci\u00f3n o cifrado. Cualquiera que sea capaz de hacer una conexi\u00f3n TCP a cualquier direcci\u00f3n IP del host, incluyendo 127.0.0.1, otras direcciones de interfaz loopback o, en algunos casos, posibles direcciones que hayan sido expuestas m\u00e1s all\u00e1 de la interfaz de administraci\u00f3n, podr\u00eda utilizar esto para abrir una sesi\u00f3n virsh en la instancia libvirtd y obtener el control de las instancias de la m\u00e1quina virtual o posiblemente tomar el control del host."
}
],
"id": "CVE-2017-2637",
"lastModified": "2024-11-21T03:23:52.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-26T12:29:00.217",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98576"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://access.redhat.com/solutions/3022771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0007"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…