A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
History

Tue, 26 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 23 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-237

Sun, 17 Nov 2024 10:30:00 +0000

Type Values Removed Values Added
Title openstack: deleting a non existing access rule deletes another existing access rule in it's scope Openstack: deleting a non existing access rule deletes another existing access rule in it's scope
CPEs cpe:/a:redhat:openstack:16.1
cpe:/a:redhat:openstack:16.2
cpe:/a:redhat:openstack:17.0
cpe:/a:redhat:openstack:18.0
References

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-11-17T10:22:34.776Z

Updated: 2024-12-05T20:30:27.043Z

Reserved: 2023-11-13T19:27:25.305Z

Link: CVE-2023-6110

cve-icon Vulnrichment

Updated: 2024-11-17T16:17:32.463Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-17T11:15:06.097

Modified: 2024-12-05T21:15:07.010

Link: CVE-2023-6110

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-01-24T00:00:00Z

Links: CVE-2023-6110 - Bugzilla