{"containers": {"cna": {"affected": [{"product": "nova_libvirt container provided by the Red Hat OpenStack Platform", "vendor": "n/a", "versions": [{"status": "affected", "version": "16"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "Improper access control CWE-284", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-07-31T12:38:45", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831544"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-10731", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "nova_libvirt container provided by the Red Hat OpenStack Platform", "version": {"version_data": [{"version_value": "16"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper access control CWE-284"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1831544", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831544"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:14:14.177Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831544"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-10731", "datePublished": "2020-07-31T12:38:45", "dateReserved": "2020-03-20T00:00:00", "dateUpdated": "2024-08-04T11:14:14.177Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack_platform:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "7716ED5D-8213-49E9-AAA6-8C4B45FFE3B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack_platform:16.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0C9F10E-F45D-4EA7-B39A-5298DDE84FCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", "matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en el contenedor nova_libvirt provisto por el Red Hat OpenStack Platform versi\u00f3n 16, donde no se encuentra habilitado SELinux. Este fallo causa que sVirt, un importante mecanismo de aislamiento, se deshabilite para todas las m\u00e1quinas virtuales en ejecuci\u00f3n"}], "id": "CVE-2020-10731", "lastModified": "2021-10-19T13:00:06.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-31T13:15:12.383", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831544"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "This issue was discovered by Daniel Berrang\u00e9 (Red Hat) and Lukas Bezdicka (Red Hat).", "affected_release": [{"advisory": "RHSA-2020:3410", "cpe": "cpe:/a:redhat:openstack:15::el8", "package": "openstack-tripleo-heat-templates-0:10.6.3-0.20200113185561.cf467ea.el8ost", "product_name": "Red Hat OpenStack Platform 15.0 (Stein)", "release_date": "2020-08-11T00:00:00Z"}, {"advisory": "RHSA-2020:3410", "cpe": "cpe:/a:redhat:openstack:15::el8", "package": "python-paunch-0:4.5.3-0.20200108190460.3c38fe6.el8ost", "product_name": "Red Hat OpenStack Platform 15.0 (Stein)", "release_date": "2020-08-11T00:00:00Z"}, {"advisory": "RHSA-2020:3406", "cpe": "cpe:/a:redhat:openstack:16::el8", "package": "openstack-tripleo-heat-templates-0:11.3.2-0.20200405044628.ec9970c.el8ost", "product_name": "Red Hat OpenStack Platform 16.0 (Train)", "release_date": "2020-08-11T00:00:00Z"}, {"advisory": "RHSA-2020:3406", "cpe": "cpe:/a:redhat:openstack:16::el8", "package": "python-paunch-0:5.3.2-0.20200320172310.ebc49c4.el8ost", "product_name": "Red Hat OpenStack Platform 16.0 (Train)", "release_date": "2020-08-11T00:00:00Z"}, {"advisory": "RHSA-2020:3199", "cpe": "cpe:/a:redhat:openstack:16.1::el8", "package": "openstack-tripleo-heat-templates-0:11.3.2-0.20200616081532.396affd.el8ost", "product_name": "Red Hat OpenStack Platform 16.1", "release_date": "2020-07-29T00:00:00Z"}], "bugzilla": {"description": "openstack-tripleo-heat-templates: No sVirt protection for OSP16 VMs due to disabled SELinux", "id": "1831544", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831544"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-284->CWE-1220", "details": ["A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines.", "A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines."], "name": "CVE-2020-10731", "package_state": [{"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Not affected", "package_name": "openstack-tripleo-heat-templates", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "openstack-tripleo-heat-templates", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}], "public_date": "2020-07-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-10731\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-10731\nhttps://bugs.launchpad.net/tripleo/+bug/1880947"], "threat_severity": "Important", "upstream_fix": "openstack-tripleo-heat-templates 11.3.2, openstack-tripleo-heat-templates 10.6.3"}