CVE-2017-15114
Severity: 8.1 HIGH
EPSS: 0.9% (top 24.76%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Nov 27; latest update May 13
Description
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport, it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured, this allows those services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service, it could, combined with this flaw, be exploited to escalate privileges and gain control over compute nodes.
CVSS vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.2 | Impact: 5.9
Affected Packages: 1 package
Patches
Vulnerability Details (3)
GHSA: GHSA-5h4f-9xqg-f36m (2022-05-13)
CVEList: CVE-2017-15114 (2017-11-27)
OSV: CVE-2017-15114 (2017-11-27)
Vendor Advisories (1)
Red Hat: rhosp-director: Passwordless access for non-libvirt related services when using shared certificate authority (2017-11-06)
Community (1)
Bugzilla: CVE-2017-15114 rhosp-director: Passwordless access for non-libvirt related services when using shared certificate authority (2017-11-06)