CVE-2023-1636
Last modified
CVE-2023-1636 is a medium-severity vulnerability rated 5/10 on the CVSS scale. A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. EPSS estimates a 0.48% chance of exploitation in the next 30 days.
Description
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| OpenStack | Barbican | All versions |
| Red Hat | OpenStack Platform | 16.1 |
| Red Hat | OpenStack Platform | 16.2 |
| Red Hat | OpenStack Platform | 17.0 |
References
- https://access.redhat.com/security/cve/CVE-2023-1636 (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=2181765 (Issue Tracking, Third Party Advisory)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
