Safety vulnerability ID: 37547
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED.
Latest version: 15.0.0
OpenStack Octavia Scalable Load Balancer as a Service
Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED.
CONFIRM:https://security.openstack.org/ossa/OSSA-2019-005.html: https://security.openstack.org/ossa/OSSA-2019-005.html
MISC:https://review.opendev.org/686541: https://review.opendev.org/686541
MISC:https://review.opendev.org/686543: https://review.opendev.org/686543
MISC:https://review.opendev.org/686544: https://review.opendev.org/686544
MISC:https://review.opendev.org/686545: https://review.opendev.org/686545
MISC:https://review.opendev.org/686546: https://review.opendev.org/686546
MISC:https://review.opendev.org/686547: https://review.opendev.org/686547
MISC:https://storyboard.openstack.org/#!/story/2006660: https://storyboard.openstack.org/#%21/story/2006660
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application