Search CVE reports
1 – 5 of 5 results
CVE-2012-5476
Low priorityWithin the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.
1 affected packages
quantum
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| quantum | — | — | — | — | Not in release |
CVE-2013-2255
Low priorityHTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.
6 affected packages
cinder, keystone, nova, python-keystoneclient, quantum, swift
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cinder | — | — | — | — | — |
| keystone | — | — | — | — | — |
| nova | — | — | — | — | — |
| python-keystoneclient | — | — | — | — | — |
| quantum | — | — | — | — | — |
| swift | — | — | — | — | — |
CVE-2013-6433
Medium priorityThe default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.
2 affected packages
neutron, quantum
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| neutron | — | — | — | — | — |
| quantum | — | — | — | — | — |
CVE-2013-6491
Medium prioritySome fixes available 3 of 4
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.
5 affected packages
cinder, keystone, neutron, nova, quantum
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cinder | — | — | — | — | — |
| keystone | — | — | — | — | — |
| neutron | — | — | — | — | — |
| nova | — | — | — | — | — |
| quantum | — | — | — | — | — |
CVE-2013-1664
Medium prioritySome fixes available 10 of 12
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to...
5 affected packages
cinder, keystone, nova, python-django, quantum
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cinder | — | — | — | — | — |
| keystone | — | — | — | — | — |
| nova | — | — | — | — | — |
| python-django | — | — | — | — | — |
| quantum | — | — | — | — | — |