CVE-2016-4972

Published: Sep 26, 2016Modified: May 6, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), Murano-dashboard before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), and python-muranoclient before 0.7.3 (liberty) and 0.8.x before 0.8.5 (mitaka) improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files, which allows remote attackers to create arbitrary Python objects and execute arbitrary code via crafted extended YAML tags in UI definitions in packages.

Affected (4)

Products: Openstack: Mitaka Murano, Murano, Murano Dashboard, Python Muranoclient

4 products

Murano Dashboard

Python Muranoclient

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Openstack Mitaka Murano	Up to 2.0.0
Openstack Murano	Up to 1.0.2
Openstack Murano Dashboard	Up to 1.0.2
Openstack Python Muranoclient	Up to 0.7.2

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://www.openwall.com/lists/oss-security/2016/06/23/8

Source: secalert@redhat.com

PatchThird Party Advisory

https://bugs.launchpad.net/murano/+bug/1586079

Source: secalert@redhat.com

PatchVendor Advisory

https://bugs.launchpad.net/python-muranoclient/+bug/1586078

Source: secalert@redhat.com

PatchVendor Advisory

http://www.openwall.com/lists/oss-security/2016/06/23/8

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://bugs.launchpad.net/murano/+bug/1586079

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://bugs.launchpad.net/python-muranoclient/+bug/1586078

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.