CVE-2017-16239

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/101950	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:0241
https://access.redhat.com/errata/RHSA-2018:0314
https://access.redhat.com/errata/RHSA-2018:0369
https://launchpad.net/bugs/1664931	Issue Tracking
https://security.openstack.org/ossa/OSSA-2017-005.html	Vendor Advisory
https://www.debian.org/security/2017/dsa-4056

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:openstack:nova::::::::
	cpe:2.3:a:openstack:nova:15.0.0:::::::*
	cpe:2.3:a:openstack:nova:15.0.1:::::::*
	cpe:2.3:a:openstack:nova:15.0.2:::::::*
	cpe:2.3:a:openstack:nova:15.0.3:::::::*
	cpe:2.3:a:openstack:nova:15.0.4:::::::*
	cpe:2.3:a:openstack:nova:15.0.5:::::::*
	cpe:2.3:a:openstack:nova:15.0.6:::::::*
	cpe:2.3:a:openstack:nova:15.0.7:::::::*
	cpe:2.3:a:openstack:nova:16.0.0:::::::*
	cpe:2.3:a:openstack:nova:16.0.1:::::::*
	cpe:2.3:a:openstack:nova:16.0.2:::::::*

History

No history.

Information

Published : 2017-11-14 17:29

Updated : 2019-10-03 00:03

NVD link : CVE-2017-16239

Mitre link : CVE-2017-16239

CVE.ORG link : CVE-2017-16239

JSON object : View

Products Affected

openstack

nova

CWE

NVD-CWE-noinfo

{"id": "CVE-2017-16239", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-11-14T17:29:00.290", "references": [{"url": "http://www.securityfocus.com/bid/101950", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0241", "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0314", "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0369", "source": "cve@mitre.org"}, {"url": "https://launchpad.net/bugs/1664931", "tags": ["Issue Tracking"], "source": "cve@mitre.org"}, {"url": "https://security.openstack.org/ossa/OSSA-2017-005.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2017/dsa-4056", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3."}, {"lang": "es", "value": "En OpenStack Nova hasta la versi\u00f3n 14.0.9, 15.x hasta la versi\u00f3n 15.0.7 y 16.x hasta la versi\u00f3n 16.0.2, al reconstrur una instancia, un usuario autenticado podr\u00eda saltarse el Filter Scheduler omitiendos los filtros impuestos (por ejemplo, ImagePropertiesFilter o IsolatedHostsFilter). Todas las configuraciones que utilizan Nova Filter Scheduler se ven afectadas. Dada la regresi\u00f3n descrita en Launchpad Bug #1732947, la soluci\u00f3n preferida es una versi\u00f3n 14.x posterior a la 14.0.10, una 15.x posterior a la 15.0.8 o una versi\u00f3n 16.x posterior a la 16.0.3."}], "lastModified": "2019-10-03T00:03:26.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6D59D57-690B-47DB-BABE-C6B3270543D2", "versionEndIncluding": "14.0.9"}, {"criteria": "cpe:2.3:a:openstack:nova:15.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86CACA5B-1C6D-4048-B744-D14B00BFEAA0"}, {"criteria": "cpe:2.3:a:openstack:nova:15.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4675B0D5-9944-4F0A-9FBC-8C1A3AE6E82B"}, {"criteria": "cpe:2.3:a:openstack:nova:15.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0ADBCCE8-EFB3-4EC9-9B51-C59CAAA715E4"}, {"criteria": "cpe:2.3:a:openstack:nova:15.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41376DB5-5370-45C7-A7E5-1BD00930B2A6"}, {"criteria": "cpe:2.3:a:openstack:nova:15.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "184DFB6F-F8F1-4CC0-BA4B-23011D6509E7"}, {"criteria": "cpe:2.3:a:openstack:nova:15.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEA03C25-5C3C-45AD-8103-29816334A750"}, {"criteria": "cpe:2.3:a:openstack:nova:15.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F61E6431-A221-4AB2-9C7F-DBBC81BF0D28"}, {"criteria": "cpe:2.3:a:openstack:nova:15.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F46668A2-8AC7-4112-A885-D41E615B4FFB"}, {"criteria": "cpe:2.3:a:openstack:nova:16.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F76E3B63-4BE8-4A18-9962-41A4FBAA0B0C"}, {"criteria": "cpe:2.3:a:openstack:nova:16.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BB93C6E-7AFD-46C5-BBEC-E6FA771808ED"}, {"criteria": "cpe:2.3:a:openstack:nova:16.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FB190BC-5442-48E1-881C-944FAF0FB0D2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}