CVE-2017-16239

medium

Description

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, an authenticated user who rebuilds an instance may be able to circumvent the Filter Scheduler, bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using the Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3.

References

https://www.debian.org/security/2017/dsa-4056

https://security.openstack.org/ossa/OSSA-2017-005.html

https://launchpad.net/bugs/1664931

https://access.redhat.com/errata/RHSA-2018:0369

https://access.redhat.com/errata/RHSA-2018:0314

https://access.redhat.com/errata/RHSA-2018:0241

http://www.securityfocus.com/bid/101950

Details

Source: Mitre, NVD

Published: 2017-11-14

Updated: 2019-10-03

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium