Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
python-novajoin 访问控制错误漏洞
Vulnerability Description
python-novajoin是一款为OpenStack nova元数据服务提供动态vendordata插件的Python包,它主要用于管理IPA服务器中的主机实例化。 python-novajoin 1.1.1之前版本中存在访问控制错误漏洞。该漏洞源于网络系统或产品未正确限制来自未授权角色的资源访问。
CVSS Information
N/A
Vulnerability Type
N/A