CVE-2023-1636

EPSS 0.07%
Veröffentlicht 24.09.2023 01:15:43
Zuletzt bearbeitet 21.11.2024 07:39:35
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Openstack ≫ Barbican Version-

Redhat ≫ Openstack Platform Version16.1

Redhat ≫ Openstack Platform Version16.2

Redhat ≫ Openstack Platform Version17.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.193

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	3.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
secalert@redhat.com	6	1.8	3.7	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

CWE-653 Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

https://access.redhat.com/security/cve/CVE-2023-1636

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2181765

Third Party Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2023-1636

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-1636

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-1636

EUVD