HIGH🇬🇧 English

CVE-2024-8007

CVSS 8.1v3.1pub. 2024-08-21upd. 2024-11-25

A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Red Hat Openstack Platform

    APP
    Redhat
    16.116.217.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Container
CWE
Referencje

Powiązane podatności

CVE-2020-10731CRITICAL9.9ten sam produkt

A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does no...

CVE-2023-1625HIGH7.4ten sam produkt

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker ...

CVE-2022-3596HIGH7.5ten sam produkt

An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to...

CVE-2023-1108HIGH7.5ten sam produkt

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected han...

CVE-2023-3354HIGH7.5ten sam produkt

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whethe...