Amphora images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allow anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTPS requests to the amphora agent on port 9443, because the cmd/agent.py gunicorn cert_reqs option is True (which Python's ssl module reads as the integer 1, i.e. ssl.CERT_OPTIONAL) but is supposed to be ssl.CERT_REQUIRED.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
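The root cause is a type confusion between a bool and the ssl.VerifyMode integers. The following is an added illustration, not Octavia's or gunicorn's own code: it resolves a cert_reqs value the way an SSLContext does and audits a constructed gunicorn-style settings dict for the weak value beside the corrected one (the certificate paths are placeholders; the setting names certfile, keyfile, ca_certs and cert_reqs are gunicorn's).

```python
import ssl


def effective_verify_mode(cert_reqs) -> ssl.VerifyMode:
    """Return the ssl.VerifyMode that a gunicorn-style cert_reqs value selects.

    The value is handed to the TLS layer as an integer, so it is interpreted by
    its numeric position in ssl.VerifyMode (CERT_NONE=0, CERT_OPTIONAL=1,
    CERT_REQUIRED=2). bool is a subclass of int, so True == 1 == CERT_OPTIONAL:
    a client that presents no certificate at all is still accepted.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.verify_mode = cert_reqs  # the same assignment the TLS wrapper performs
    return ctx.verify_mode


def audit_mtls_settings(settings: dict) -> list:
    """Flag TLS settings that do not actually enforce client certificates."""
    findings = []
    mode = effective_verify_mode(settings.get("cert_reqs", ssl.CERT_NONE))
    if mode != ssl.CERT_REQUIRED:
        findings.append(
            f"cert_reqs={settings.get('cert_reqs')!r} resolves to {mode.name}; "
            "clients without a certificate can still connect")
    if mode != ssl.CERT_NONE and not settings.get("ca_certs"):
        findings.append("ca_certs unset: no CA to validate client certificates against")
    return findings


# Constructed settings mirroring the two states the advisory describes.
# Paths are placeholders, not Octavia's real file locations.
VULNERABLE = {
    "certfile": "/path/to/agent-server.pem",
    "keyfile": "/path/to/agent-server.key",
    "ca_certs": "/path/to/client-ca.pem",
    "cert_reqs": True,              # the shipped value: CERT_OPTIONAL in effect
}
FIXED = dict(VULNERABLE, cert_reqs=ssl.CERT_REQUIRED)  # the intended value

if __name__ == "__main__":
    for label, cfg in (("vulnerable", VULNERABLE), ("fixed", FIXED)):
        print(label, effective_verify_mode(cfg["cert_reqs"]).name,
              audit_mtls_settings(cfg) or "OK")
```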
Name | Vendor | Start Version | End Version |
---|---|---|---|
Octavia | Opendev | 0.10.0 (including) | 2.1.2 (excluding) |
Octavia | Opendev | 3.0.0 (including) | 3.2.0 (excluding) |
Octavia | Opendev | 4.0.0 (including) | 4.1.0 (excluding) |
Red Hat OpenStack Platform 13.0 (Queens) | RedHat | openstack-octavia-0:2.1.2-1.el7ost | * |
Red Hat OpenStack Platform 14.0 (Rocky) | RedHat | openstack-octavia-0:3.1.0-3.el7ost | * |
Red Hat OpenStack Platform 15.0 (Stein) | RedHat | openstack-octavia-0:4.1.2-0.20200114080449.5a71643.el8ost | * |
Octavia | Ubuntu | disco | * |
Octavia | Ubuntu | trusty | * |
Octavia | Ubuntu | upstream | * |