{"containers": {"cna": {"affected": [{"product": "openstack-mistral", "vendor": "[UNKNOWN]", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-11-02T00:00:00", "descriptions": [{"lang": "en", "value": "A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh private_key_filename can take an absolute path, it can be used to assess whether or not a file exists on the executor's filesystem."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-11-02T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.launchpad.net/mistral/+bug/1783708"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16849"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2018-16849", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "openstack-mistral", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "[UNKNOWN]"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh private_key_filename can take an absolute path, it can be used to assess whether or not a file exists on the executor's filesystem."}]}, "impact": {"cvss": [[{"vectorString": "3.1/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "references": {"reference_data": [{"name": "https://bugs.launchpad.net/mistral/+bug/1783708", "refsource": "CONFIRM", "url": "https://bugs.launchpad.net/mistral/+bug/1783708"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16849", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16849"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T10:32:54.175Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.launchpad.net/mistral/+bug/1783708"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16849"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-16849", "datePublished": "2018-11-02T21:00:00", "dateReserved": "2018-09-11T00:00:00", "dateUpdated": "2024-08-05T10:32:54.175Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack-mistral:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC5706B9-4DCB-41B9-AA6D-76B412B3F2E5", "versionEndExcluding": "7.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh private_key_filename can take an absolute path, it can be used to assess whether or not a file exists on the executor's filesystem."}, {"lang": "es", "value": "Se ha encontrado un error en openstack-mistral. Al manipular el nombre de archivo de la clave privada SSH, la acci\u00f3n std.ssh puede emplearse para revelar la presencia de archivos arbitrarios en el sistema de archivos del ejecutor que lleva a cabo la acci\u00f3n. Ya que std.ssh private_key_filename puede tomar una ruta absoluta, se puede emplear para determinar si existe un archivo o no en el sistema de archivos del ejecutor."}], "id": "CVE-2018-16849", "lastModified": "2024-11-21T03:53:26.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-11-02T21:29:00.323", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://bugs.launchpad.net/mistral/+bug/1783708"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16849"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://bugs.launchpad.net/mistral/+bug/1783708"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16849"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mistral project for reporting this issue.", "affected_release": [{"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "instack-undercloud-0:8.4.6-6.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openstack-mistral-0:6.0.6-2.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openstack-tripleo-common-0:8.6.6-16.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openstack-tripleo-heat-templates-0:8.2.0-6.1.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openstack-tripleo-image-elements-0:8.0.1-3.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openstack-tripleo-puppet-elements-0:8.0.1-2.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openstack-tripleo-ui-0:8.3.2-3.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openstack-tripleo-validations-0:8.4.4-2.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "os-net-config-0:8.4.3-6.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "os-refresh-config-0:8.3.1-0.20180918214345.4703b54.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-cinder-0:12.4.1-3.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-keystone-0:12.4.0-4.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-manila-0:12.5.0-3.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-neutron-0:12.4.1-4.ed05e01git.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-nova-0:12.4.0-16.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-octavia-0:12.4.0-8.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-opendaylight-0:8.2.2-5.9126c8dgit.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-ovn-0:12.4.0-2.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-pacemaker-0:0.7.2-0.20180423212257.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-swift-0:12.4.0-4.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "puppet-tripleo-0:8.3.6-15.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "python-os-brick-0:2.3.4-2.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}, {"advisory": "RHBA-2019:0448", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "python-tripleoclient-0:9.2.6-8.el7ost", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-03-14T00:00:00Z"}], "bugzilla": {"description": "openstack-mistral: std.ssh action may disclose presence of arbitrary files", "id": "1645334", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645334"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh private_key_filename can take an absolute path, it can be used to assess whether or not a file exists on the executor's filesystem.", "An information-disclosure flaw was discovered in openstack-mistral, where the SSH private key filename of a std.ssh action could be manipulated. The flaw could be exploited to determine the presence of a file path on the host executing the std.ssh action, based on the returned error message."], "name": "CVE-2018-16849", "package_state": [{"cpe": "cpe:/a:redhat:openstack:14", "fix_state": "Out of support scope", "package_name": "openstack-mistral", "product_name": "Red Hat OpenStack Platform 14 (Rocky)"}, {"cpe": "cpe:/a:redhat:openstack:15", "fix_state": "Affected", "package_name": "openstack-mistral", "product_name": "Red Hat OpenStack Platform 15 (Stein)"}], "public_date": "2018-11-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-16849\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-16849"], "threat_severity": "Moderate"}