A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality.
References
Link | Resource |
---|---|
https://bugs.launchpad.net/bugs/2004555 | Issue Tracking |
https://security.openstack.org/ossa/OSSA-2023-003.html |
Configurations
History
23 Jul 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 May 2023, 18:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:openstack:-:*:*:*:*:*:*:* | |
CWE | NVD-CWE-noinfo | |
References | (MISC) https://bugs.launchpad.net/bugs/2004555 - Issue Tracking | |
First Time |
Redhat
Redhat openstack |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
Information
Published : 2023-05-12 21:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-2088
Mitre link : CVE-2023-2088
CVE.ORG link : CVE-2023-2088
JSON object : View
Products Affected
redhat
- openstack
CWE