Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2019-3895 | First vendor Publication | 2019-06-03 |
| Vendor | Cve | Last vendor Modification | 2021-08-04 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | |||
|---|---|---|---|
| Overall CVSS Score | 8 | ||
| Base Score | 8 | Environmental Score | 8 |
| impact SubScore | 5.9 | Temporal Score | 8 |
| Exploitabality Sub Score | 2.1 | ||
| Attack Vector | Network | Attack Complexity | Low |
| Privileges Required | Low | User Interaction | Required |
| Scope | Unchanged | Confidentiality Impact | High |
| Integrity Impact | High | Availability Impact | High |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 6.8 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested to spawn new amphorae, Octavia would then pick up the compromised image. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3895 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 |
Sources (Detail)
| Source | Url |
|---|---|
| CONFIRM | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3895 |
| REDHAT | https://access.redhat.com/errata/RHSA-2019:1683 https://access.redhat.com/errata/RHSA-2019:1742 |
Alert History
| Date | Informations |
|---|---|
| 2021-08-10 00:23:04 |
|
| 2021-08-05 01:43:30 |
|
| 2021-08-05 01:33:58 |
|
| 2021-08-04 21:23:25 |
|
| 2021-05-04 13:35:54 |
|
| 2021-04-22 02:48:21 |
|
| 2020-10-16 21:23:03 |
|
| 2020-05-23 02:30:01 |
|
| 2019-07-10 21:19:29 |
|
| 2019-07-03 05:19:31 |
|
| 2019-06-05 00:19:51 |
|
| 2019-06-04 00:19:06 |
|
