CVE-2016-7404
Description
OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances SSL certificates, they allow full API access, though and can be used to perform any API operation the user is authorized to perform.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.859
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2016-7404 are fixed in Python-openstack-magnum 5.0.0 | Windows |
| Vulnerabilities CVE-2016-7404 are fixed in Python-openstack-magnum for linux 5.0.0 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234