Lucene search
Veracode Vulnerability DatabaseVERACODE:26503HistoryAug 27, 2020 - 3:57 a.m.
Authorization Bypass
2020-08-2703:57:23
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.002 Low
EPSS
Percentile
54.1%
nova is vulnerable to authorization bypass. The vulnerability exists as it was possible to include block devices that maps to different Cinder volumes from the source, allowing access to destination host devices that share the same paths as the previous host devices.
References
www.openwall.com/lists/oss-security/2020/08/25/4
github.com/openstack/nova/commit/1bb8ee95d4c3ddc3f607ac57526b75af1b7fbcff
launchpad.net/bugs/1890501
review.opendev.org/#/c/747978/
seclists.org/oss-sec/2020/q3/137
security.openstack.org/ossa/OSSA-2020-006.html
www.openwall.com/lists/oss-security/2020/08/25/4
Related
nessus
nessus
RHEL 8 : openstack-nova (RHSA-2020:3704)
2020-09-10 00:00:00
RHEL 8 : openstack-nova (RHSA-2020:3702)
2020-09-10 00:00:00
RHEL 8 : openstack-nova (RHSA-2020:3706)
2020-09-10 00:00:00
redhatcve
redhatcve
CVE-2020-17376
2020-08-25 15:34:10
osv
osv
CVE-2020-17376
2020-08-26 19:15:14
PYSEC-2020-243
2020-08-26 19:15:00
nova vulnerabilities
2023-02-13 10:41:19
github
github
OpenStack Nova Live migration fails to update persistent domain XML
2022-05-24 17:26:41
ubuntucve
ubuntucve
CVE-2020-17376
2020-08-26 00:00:00
cve
cve
CVE-2020-17376
2020-08-26 19:15:14
redhat
redhat
(RHSA-2020:3706) Important: openstack-nova security update
2020-09-10 06:39:05
(RHSA-2020:3704) Important: openstack-nova security update
2020-09-10 05:00:03
(RHSA-2020:3711) Important: openstack-nova security update
2020-09-10 07:59:42
prion
prion
Design/Logic Flaw
2020-08-26 19:15:00
cvelist
cvelist
CVE-2020-17376
2020-08-26 18:45:28
nvd
nvd
CVE-2020-17376
2020-08-26 19:15:14
debiancve
debiancve
CVE-2020-17376
2020-08-26 19:15:14
openvas
openvas
Ubuntu: Security Advisory (USN-5866-1)
2023-02-14 00:00:00
ubuntu
ubuntu
Nova vulnerabilities
2023-02-13 00:00:00