CVE-2020-10731

Published: Jul 31, 2020Modified: Nov 21, 2024

9.9

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.1 / Impact: 6.0

Source: NVD

Description

A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines.

Affected (3)

Products: Redhat: Openstack Platform

Redhat

1 product

Openstack Platform

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Redhat Openstack Platform	Version 15.0
Redhat Openstack Platform	Version 16.0
Redhat Openstack Platform	Version 16.1

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://bugzilla.redhat.com/show_bug.cgi?id=1831544

Source: secalert@redhat.com

Issue TrackingVendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1831544

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

Timeline

No history available yet.