An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the cert_manager.py. component.
The product checks the state of a resource before using that resource, but the resource’s state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Magnum | Openstack | - (including) | - (including) |
| Magnum | Ubuntu | focal | * |
| Magnum | Ubuntu | mantic | * |
| Magnum | Ubuntu | oracular | * |