#VU100769 Man-in-the-Middle (MitM) attack in openstack-tripleo-common (Red Hat package) - CVE-2024-8007


Vulnerability identifier: #VU100769

Vulnerability risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-8007

CWE-ID: CWE-300

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
openstack-tripleo-common (Red Hat package)
Operating systems & Components / Operating system package or component

Vendor: Red Hat Inc.

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists within the openstack-tripleo-common component, which may allow an attacker to deploy compromised container images via disabling TLS certificate verification for registry mirrors. A remote attacker can perform a man-in-the-middle (MitM) attack and bypass implemented security restrictions.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

openstack-tripleo-common (Red Hat package): before 15.4.1-17.1.20240911093743.e5b18f2.el8ost

External links
https://access.redhat.com/security/cve/CVE-2024-8007
https://bugzilla.redhat.com/show_bug.cgi?id=2305975

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Man-in-the-Middle (MitM) attack in Red Hat OpenStack 17.1
Man-in-the-Middle (MitM) attack in Red Hat OpenStack 17.1