CVE-2023-6110

{"id": "CVE-2023-6110", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.1}]}, "published": "2024-11-17T11:15:06.097", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:2737", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:2769", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-6110", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2212960", "source": "secalert@redhat.com"}, {"url": "https://code.engineering.redhat.com/gerrit/gitweb?p=python-openstackclient.git;a=commit;h=7a7c364bdd7b2cd2b56e73724110710a68d58abf", "source": "secalert@redhat.com"}, {"url": "https://review.opendev.org/c/openstack/python-openstackclient/+/888697", "source": "secalert@redhat.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-237"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en OpenStack. Cuando un usuario intenta eliminar una regla de acceso inexistente en su \u00e1mbito, elimina otras reglas de acceso existentes que no est\u00e1n asociadas con ninguna credencial de aplicaci\u00f3n."}], "lastModified": "2024-12-05T21:15:07.010", "sourceIdentifier": "secalert@redhat.com"}