ГлавнаяУязвимости → CVE-2024-8007
8.1высокая

CVE-2024-8007

Описание

A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack.

Затрагиваемое ПО
Redhat Openstack platform
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://access.redhat.com/errata/RHSA-2024:9990https://access.redhat.com/errata/RHSA-2024:9991https://access.redhat.com/security/cve/CVE-2024-8007https://bugzilla.redhat.com/show_bug.cgi?id=2305975