Suse Openstack Cloud 8 Vulnerabilities

Suse Suse Openstack Cloud 8 vulnerabilities.

1 September 2020

Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2
CVE-2020-8023
SuseSuse Enterprise Storage 57.7HIGH

29 June 2020

User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviliges
CVE-2020-8022
SuseSuse Enterprise Storage 57.7HIGH

3 April 2020

crowbar provision leaks admin password to all nodes in cleartext
CVE-2018-17954
SuseSuse Openstack Cloud 79.3CRITICAL

17 January 2020

keystone_json_assignment backend granted access to any project for users in user-project-map.json
CVE-2019-3683
SuseSuse Openstack Cloud 88.8HIGH

No more vulnerabilities to load.