Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-3654

CWE-601 — Open Redirect9 documents8 sources

Severity

6.1MEDIUM

EPSS

87.2%

top 0.55%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Openstack Nova Redhat Openstack Platform

Timeline

PublishedMar 2

Latest updateFeb 13

Description

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages5 packages

▶NVDopenstack/nova22.0.0 — 22.2.3+2

▶CVEListV5openstack-novaAffects - Nova: <21.2.3, >=22.0.0 <22.2.3, >=23.0.0 <23.0.3 | Fixed-In 21.2.3, 22.3.0, and 23.1.0

▶PyPInova22.0.0 — 22.2.3+2

▶Debiannova< 2:23.0.2-3+2

▶NVDredhat/openstack_platform16.1, 16.2+1

Patches

Patch: bugs.launchpad.net ↗Patch: bugs.python.org ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

Open Redirect in CPython that affects users of OpenStack Nova↗2022-03-04

▶

OSV

Open Redirect in CPython that affects users of OpenStack Nova↗2022-03-04

▶

CVEList

CVE-2021-3654: A vulnerability was found in openstack-nova's console proxy, noVNC↗2022-03-02

▶

OSV

CVE-2021-3654: A vulnerability was found in openstack-nova's console proxy, noVNC↗2022-03-02

▶

💥Exploits & PoCs

Nuclei

Nova noVNC - Open Redirect

▶

📋Vendor Advisories

Ubuntu

Nova vulnerabilities↗2023-02-13

▶

Red Hat

openstack-nova: novnc allows open redirection↗2021-05-13

▶

Debian

CVE-2021-3654: nova - A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting ...↗2021

▶