Metrics
Affected Vendors & Products
Thu, 13 Feb 2025 00:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| CPEs | cpe:/a:redhat:openstack:16.2::el8 | 
Fri, 22 Nov 2024 15:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Redhat openstack | |
| CPEs | cpe:/a:redhat:openstack:17.1::el9 | |
| Vendors & Products | Redhat openstack | 
Thu, 07 Nov 2024 15:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| CPEs | cpe:/a:redhat:openshift_ironic:4.12::el9 | 
Thu, 07 Nov 2024 08:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Weaknesses | CWE-862 | |
| Metrics | cvssV3_1 
 | cvssV3_1 
 | 
Thu, 24 Oct 2024 02:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| CPEs | cpe:/a:redhat:openshift:4.14::el9 | 
Thu, 17 Oct 2024 14:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Redhat openshift Ironic | |
| CPEs | cpe:/a:redhat:openshift_ironic:4.13::el9 | |
| Vendors & Products | Redhat openshift Ironic | 
Thu, 10 Oct 2024 14:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| CPEs | cpe:/a:redhat:openshift:4.15::el9 | 
Wed, 02 Oct 2024 14:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Redhat Redhat openshift | |
| CPEs | cpe:/a:redhat:openshift:4.16::el9 | |
| Vendors & Products | Redhat Redhat openshift | 
Fri, 06 Sep 2024 17:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Title | openstack-ironic: Specially crafted image may allow authenticated users to gain access to potentially sensitive data | |
| Weaknesses | CWE-200 | |
| References |  | |
| Metrics | threat_severity 
 | cvssV3_1 
 
 | 
Fri, 06 Sep 2024 15:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| References |  | 
Fri, 06 Sep 2024 14:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Fri, 06 Sep 2024 01:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data. The affected/fixed version details are: Ironic: <21.4.3, >=22.0.0 <23.0.2, >=23.1.0 <24.1.2, >=25.0.0 <26.0.1; Ironic-python-agent: <9.4.2, >=9.5.0 <9.7.1, >=9.8.0 <9.11.1, >=9.12.0 <9.13.1. | |
| References |  | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: mitre
Published: 2024-09-06T00:00:00
Updated: 2024-11-06T18:45:17.902Z
Reserved: 2024-08-19T00:00:00
Link: CVE-2024-44082
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-09-06T13:24:17.341Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2024-09-06T01:15:11.150
Modified: 2024-11-07T08:35:04.653
Link: CVE-2024-44082
 Redhat
                        Redhat