Vulnerability CVE-2016-4972


Published: 2016-09-26

Description:
OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), Murano-dashboard before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), and python-muranoclient before 0.7.3 (liberty) and 0.8.x before 0.8.5 (mitaka) improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files, which allows remote attackers to create arbitrary Python objects and execute arbitrary code via crafted extended YAML tags in UI definitions in packages.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Openstack -> Mitaka-murano 
Openstack -> Murano 
Openstack -> Murano-dashboard 
Openstack -> Python-muranoclient 

 References:
http://www.openwall.com/lists/oss-security/2016/06/23/8
https://bugs.launchpad.net/murano/+bug/1586079
https://bugs.launchpad.net/python-muranoclient/+bug/1586078

Copyright 2020, cxsecurity.com

 

Back to Top