5.5
CVE-2023-6110
- EPSS 0.17%
- Published 17.11.2024 11:15:06
- Last modified 05.12.2024 21:15:07
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorRed Hat
≫
Product
Red Hat OpenStack Platform 17.1 for RHEL 8
Default Statusaffected
Version <
*
Version
0:5.5.2-17.1.20230829213816.el8ost
Status
unaffected
VendorRed Hat
≫
Product
Red Hat OpenStack Platform 17.1 for RHEL 9
Default Statusaffected
Version <
*
Version
0:5.5.2-17.1.20230829210830.el9ost
Status
unaffected
VendorRed Hat
≫
Product
Red Hat OpenStack Platform 16.1
Default Statusaffected
VendorRed Hat
≫
Product
Red Hat OpenStack Platform 16.2
Default Statusaffected
VendorRed Hat
≫
Product
Red Hat OpenStack Platform 17.0
Default Statusunknown
VendorRed Hat
≫
Product
Red Hat OpenStack Platform 18.0
Default Statusaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.382 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| secalert@redhat.com | 5.5 | 2.1 | 3.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
|
CWE-237 Improper Handling of Structural Elements
The product does not handle or incorrectly handles inputs that are related to complex structures.