admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 05:28:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-16xx/CVE-2023-1636.json
cad-safe-bot b47d02a333 Auto-Update: 2023-11-07T21:02:52.274489+00:00
2023-11-07 21:03:21 +00:00

142 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-1636",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-24T01:15:43.920",
"lastModified": "2023-11-07T04:04:25.993",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en los contenedores OpenStack Barbican. Esta vulnerabilidad solo se aplica a implementaciones que utilizan una configuraci\u00f3n todo en uno. Los contenedores Barbican comparten el mismo espacio de nombres CGROUP, USER y NET con el sistema host y otros servicios OpenStack. Si alg\u00fan servicio se ve comprometido, podr\u00eda obtener acceso a los datos transmitidos hacia y desde Barbican."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-653"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openstack:barbican:-:*:*:*:*:*:*:*",
"matchCriteriaId": "596EFC6C-4D91-4EDF-9EC6-1C58EB485C5E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openstack_platform:17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7076B1E-0529-43CC-828B-45C2ED11F9F6"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-1636",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2181765",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink