CVE-2023-1636

EPSS 0.07%
Published 24.09.2023 01:15:43
Last modified 21.11.2024 07:39:35
Source secalert@redhat.com
Teams watchlist Login
Open Login

A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Openstack ≫ Barbican Version-

Redhat ≫ Openstack Platform Version16.1

Redhat ≫ Openstack Platform Version16.2

Redhat ≫ Openstack Platform Version17.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.07%	0.193

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	3.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
secalert@redhat.com	6	1.8	3.7	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

CWE-653 Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

https://access.redhat.com/security/cve/CVE-2023-1636

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2181765

Third Party Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2023-1636

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-1636

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-1636

EUVD