Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 5 of 5 results

CVE-2012-5476

Low priority
Ignored

Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.

1 affected packages

quantum

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
quantum Not in release
Show less packages

CVE-2013-2255

Low priority
Ignored

HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.

6 affected packages

cinder, keystone, nova, python-keystoneclient, quantum, swift

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cinder
keystone
nova
python-keystoneclient
quantum
swift
Show less packages

CVE-2013-6433

Medium priority
Fixed

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.

2 affected packages

neutron, quantum

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
neutron
quantum
Show less packages

CVE-2013-6491

Medium priority

Some fixes available 3 of 4

The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.

5 affected packages

cinder, keystone, neutron, nova, quantum

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cinder
keystone
neutron
nova
quantum
Show less packages

CVE-2013-1664

Medium priority

Some fixes available 10 of 12

The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to...

5 affected packages

cinder, keystone, nova, python-django, quantum

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cinder
keystone
nova
python-django
quantum
Show less packages