CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-8007

A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.3%

CVSS Severity

CVSS v3 Score 8.1

References

https://access.redhat.com/errata/RHSA-2024:9990
https://access.redhat.com/errata/RHSA-2024:9991
https://access.redhat.com/security/cve/CVE-2024-8007
https://bugzilla.redhat.com/show_bug.cgi?id=2305975

Products affected by CVE-2024-8007

Redhat » Openstack Platform » Version: 16.1

cpe:2.3:a:redhat:openstack_platform:16.1
Redhat » Openstack Platform » Version: 16.2

cpe:2.3:a:redhat:openstack_platform:16.2
Redhat » Openstack Platform » Version: 17.1

cpe:2.3:a:redhat:openstack_platform:17.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-8007

Products

Pricing

Contact Us