OpenStack Nova could allow a remote authenticated attacker to bypass security restrictions. By rebuilding an instance, an attacker could exploit this vulnerability to achieve Filter Scheduler bypass.
CVE-ID: CVE-2017-16239 **Description:**OpenStack Nova could allow a remote authenticated attacker to bypass security restrictions. By rebuilding an instance, an attacker could exploit this vulnerability to achieve Filter Scheduler bypass. **CVSS Base Score:**4.3 CVSS Temporal Score:https://exchange.xforce.ibmcloud.com/vulnerabilities/135002 for more information *CVSS Environmental Score:**Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
IBM PowerVC Standard Edition 1.3.2 through 1.3.2.1
IBM PowerVC Standard Edition 1.3.3 through 1.3.3.1
IBM PowerVC Standard Edition 1.4.0
IBM Cloud PowerVC Manager 1.3.2 through 1.3.2.1
IBM Cloud PowerVC Manager 1.3.3 through 1.3.3.1
IBM Cloud PowerVC Manager 1.4.0
For PowerVC 1.3.2, update to 1.3.2 FP1 and then apply IT24114 interim fix from Fix Central: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/Other+software/PowerVC&release=1.3.2.1&platform=All&function=aparId&apars=IT24114
For PowerVC 1.3.3, update to 1.3.3 FP1 and then apply IT24114 interim fix from Fix Central: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/Other+software/PowerVC&release=1.3.3.1&platform=All&function=aparId&apars=IT24114
For PowerVC 1.4.0, update to 1.4.0 FP1 from Fix Central: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/Other+software/PowerVC&release=1.4.0.0&platform=All&function=textSearch&text=PowerVC+1.4.0.1
None