Untriaged
Permalink
CVE-2023-6110
5.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
Openstack: deleting a non existing access rule deletes another existing access rule in it's scope
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
References
- RHSA-2024:2737 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2769 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-6110 x_refsource_REDHAT vdb-entry
- RHBZ#2212960 issue-tracking x_refsource_REDHAT
- https://code.engineering.redhat.com/gerrit/gitweb?p=python-openstackclient.git;…
- https://review.opendev.org/c/openstack/python-openstackclient/+/888697
- RHSA-2024:2737 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2769 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-6110 x_refsource_REDHAT vdb-entry
- RHBZ#2212960 issue-tracking x_refsource_REDHAT
- https://code.engineering.redhat.com/gerrit/gitweb?p=python-openstackclient.git;…
- https://review.opendev.org/c/openstack/python-openstackclient/+/888697
- https://review.opendev.org/c/openstack/python-openstackclient/+/888697
- RHSA-2024:2737 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2769 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-6110 x_refsource_REDHAT vdb-entry
- RHBZ#2212960 issue-tracking x_refsource_REDHAT
- https://code.engineering.redhat.com/gerrit/gitweb?p=python-openstackclient.git;…
Affected products
openstack-keystone
python-openstackclient
- *
Matching in nixpkgs
pkgs.openstackclient
OpenStack Command-line Client
-
nixos-unstable -
- nixpkgs-unstable 8.2.0
pkgs.openstackclient-full
OpenStack Command-line Client
-
nixos-unstable -
- nixpkgs-unstable 8.2.0
pkgs.python312Packages.python-openstackclient
OpenStack Command-line Client
-
nixos-unstable -
- nixpkgs-unstable 8.2.0
pkgs.python313Packages.python-openstackclient
OpenStack Command-line Client
-
nixos-unstable -
- nixpkgs-unstable 8.2.0
Package maintainers
-
@vinetos vinetos <contact+git@vinetos.fr>
-
@anthonyroussel Anthony Roussel <anthony@roussel.dev>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>