An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the cert_manager.py. component.
The vulnerability classified as CWE-367 (Time-of-check Time-of-use, TOCTOU) is located in the cert_manager.py component responsible for certificate management in OpenStack Magnum. The flaw results from a race condition between the moment of object state verification and its actual use, allowing an attacker to manipulate the code execution flow. An attacker can invoke the vulnerable component remotely without needing any credentials, which corresponds to the attack vector AV:N/AC:L/PR:N/UI:N.
Successful exploitation of the vulnerability allows an attacker to execute arbitrary code remotely (RCE) on the server hosting the OpenStack Magnum service, which may lead to complete system takeover, disclosure of sensitive data, and compromise of the integrity and availability of the environment.
Apply patches available from the vendor according to the references — fix available through code review at https://review.opendev.org/c/openstack/magnum/+/907305. It is recommended to update the OpenStack Magnum environment as soon as possible and monitor the activity of the cert_manager.py component until the patch is deployed.
OpenStack Magnum in yoga-eom version
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOpenstack Magnum
APPOpenstackwszystkie wersje
Related vulnerabilities
OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these shou...
RCE w OpenStack Vitrage — wykonanie kodu przez parser zapytań API
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the...
An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0. A user allowed to access...
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass