Vulnerability Details : CVE-2016-7404
OpenStack Magnum passes OpenStack credentials into the Heat templates it uses to create its instances. Although these credentials are intended only for retrieving the instances' SSL certificates, they nevertheless grant full API access and can be used to perform any API operation the owning user is authorized to perform.
Vulnerability category: Information leak
Products affected by CVE-2016-7404
- cpe:2.3:a:openstack:magnum:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-7404
- EPSS score: 2.86% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~85% (the proportion of vulnerabilities scored at or below this level)
CVSS scores for CVE-2016-7404
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST |
9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST |
CWE ids for CVE-2016-7404
- The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-7404
- https://www.securityfocus.com/bid/98467 (OpenStack Magnum CVE-2016-7404 Multiple Security Bypass Vulnerabilities). Tags: Third Party Advisory; VDB Entry
- https://bugzilla.suse.com/show_bug.cgi?id=998182 (Bug 998182 – VUL-0: CVE-2016-7404: openstack-magnum: Magnum created instances have full API access to creating user's OpenStack account). Tags: Issue Tracking; Patch; Third Party Advisory
- https://opendev.org/openstack/magnum/commit/0bb0d6486d6771ee21bbf897a091b1aa59e01b22 (Fix CVE-2016-7404 · 0bb0d6486d - magnum - OpenDev: Free Software Needs Free Tools). Tags: Patch; Third Party Advisory
- https://bugs.launchpad.net/magnum/+bug/1620536 (Error: Page not found). Tags: Broken Link; Issue Tracking; Third Party Advisory