CVE-2016-7404 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-7404 Interim 1 8 2022-10-15T16:31:05Z current 2021-05-30T13:45:35Z 2022-10-15T16:31:05Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-7404 OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though and can be used to perform any API operation the user is authorized to perform. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2017-May/002853.html E-Mail link for SUSE-SU-2017:1233-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE OpenStack Cloud 7 openstack-magnum-3.1.2~a0~dev20-9.4 openstack-magnum-api-3.1.2~a0~dev20-9.4 openstack-magnum-conductor-3.1.2~a0~dev20-9.4 openstack-magnum-doc-3.1.2~a0~dev20-9.3 python-magnum-3.1.2~a0~dev20-9.4 openstack-magnum-3.1.2~a0~dev20-9.4 as a component of SUSE OpenStack Cloud 7 openstack-magnum-api-3.1.2~a0~dev20-9.4 as a component of SUSE OpenStack Cloud 7 openstack-magnum-conductor-3.1.2~a0~dev20-9.4 as a component of SUSE OpenStack Cloud 7 openstack-magnum-doc-3.1.2~a0~dev20-9.3 as a component of SUSE OpenStack Cloud 7 python-magnum-3.1.2~a0~dev20-9.4 as a component of SUSE OpenStack Cloud 7 OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should just be used for retrieving the instances' SSL certificates, they allow full API access, though and can be used to perform any API operation the user is authorized to perform. CVE-2016-7404 SUSE OpenStack Cloud 7:openstack-magnum-3.1.2~a0~dev20-9.4 SUSE OpenStack Cloud 7:openstack-magnum-api-3.1.2~a0~dev20-9.4 SUSE OpenStack Cloud 7:openstack-magnum-conductor-3.1.2~a0~dev20-9.4 SUSE OpenStack Cloud 7:openstack-magnum-doc-3.1.2~a0~dev20-9.3 SUSE OpenStack Cloud 7:python-magnum-3.1.2~a0~dev20-9.4 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 8.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N