Metrics
Affected Vendors & Products
Mon, 25 Nov 2024 04:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | ||
References |
|
Fri, 22 Nov 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:openstack:17.1::el8 cpe:/a:redhat:openstack:17.1::el9 |
Mon, 23 Sep 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw was found in the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack. | A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack. |
Title | Rhosp-director: rhosp director disables tls verification for registry mirrors | Openstack-tripleo-common: rhosp director disables tls verification for registry mirrors |
Wed, 18 Sep 2024 08:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
Fri, 23 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat openstack Platform
|
|
CPEs | cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:* cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:* cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Redhat openstack Platform
|
Wed, 21 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 21 Aug 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | A flaw was found in the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack. |
Title | rhosp-director: RHOSP Director Disables TLS Verification for Registry Mirrors | Rhosp-director: rhosp director disables tls verification for registry mirrors |
First Time appeared |
Redhat
Redhat openstack |
|
CPEs | cpe:/a:redhat:openstack:16.1 cpe:/a:redhat:openstack:16.2 cpe:/a:redhat:openstack:17.1 |
|
Vendors & Products |
Redhat
Redhat openstack |
|
References |
|
Tue, 20 Aug 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | rhosp-director: RHOSP Director Disables TLS Verification for Registry Mirrors | |
Weaknesses | CWE-295 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published: 2024-08-21T13:40:25.242Z
Updated: 2024-11-25T06:37:26.259Z
Reserved: 2024-08-20T11:09:27.802Z
Link: CVE-2024-8007
Updated: 2024-08-21T15:06:33.436Z
Status : Modified
Published: 2024-08-21T14:15:09.753
Modified: 2024-11-25T05:15:12.250
Link: CVE-2024-8007