Critical severity9.1NVD Advisory· Published Oct 8, 2019· Updated Jun 17, 2026
CVE-2019-17134
CVE-2019-17134
Description
Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
octaviaPyPI | >= 0.10.0, < 2.1.2 | 2.1.2 |
octaviaPyPI | >= 3.0.0, < 3.2.0 | 3.2.0 |
octaviaPyPI | >= 4.0.0, < 4.1.0 | 4.1.0 |
Affected products
43- OpenStack/Octaviadescription
- ghsa-coords42 versionspkg:pypi/octaviapkg:rpm/suse/ardana-db&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/crowbar-core&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/crowbar-openstack&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/crowbar-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-barbican&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-barbican&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-heat-templates&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-heat-templates&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron-lbaas&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron-lbaas&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-octavia&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-sahara&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-sahara&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-psutil&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-psutil&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/release-notes-suse-openstack-cloud&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/release-notes-suse-openstack-cloud&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%209
>= 0.10.0, < 2.1.2+ 41 more
- (no CPE)range: >= 0.10.0, < 2.1.2
- (no CPE)range: < 9.0+git.1572311426.a6dc2fd-3.13.1
- (no CPE)range: < 9.0+git.1573069087.15ffd1c-3.13.1
- (no CPE)range: < 9.0+git.1572019823.6650494-3.16.1
- (no CPE)range: < 9.0+git.1572618171.4460843-3.13.1
- (no CPE)range: < 6.0+git.1573825081.b1caf60f1-3.16.1
- (no CPE)range: < 6.0+git.1573754820.dd036ef77-3.16.1
- (no CPE)range: < 1.3.0+git.1572871359.50fc6087-14.1
- (no CPE)range: < 7.0.1~dev21-3.3.1
- (no CPE)range: < 7.0.1~dev21-3.3.1
- (no CPE)range: < 0.0.0+git.1553459627.948e8cc-3.3.1
- (no CPE)range: < 0.0.0+git.1553459627.948e8cc-3.3.1
- (no CPE)range: < 14.1.1~dev28-3.16.1
- (no CPE)range: < 14.1.1~dev28-3.16.1
- (no CPE)range: < 13.0.6~dev8-3.16.2
- (no CPE)range: < 13.0.6~dev8-3.16.2
- (no CPE)range: < 5.0.1~dev476-3.13.1
- (no CPE)range: < 5.0.1~dev476-3.13.1
- (no CPE)range: < 13.0.1~dev16-3.13.1
- (no CPE)range: < 13.0.1~dev16-3.13.1
- (no CPE)range: < 18.2.4~dev22-3.16.2
- (no CPE)range: < 18.2.4~dev22-3.16.2
- (no CPE)range: < 3.2.1~dev3-3.16.1
- (no CPE)range: < 3.2.1~dev3-3.16.1
- (no CPE)range: < 9.0.2~dev14-3.6.1
- (no CPE)range: < 9.0.2~dev14-3.6.1
- (no CPE)range: < 5.4.6-3.3.1
- (no CPE)range: < 5.4.6-3.3.1
- (no CPE)range: < 9.20191025-3.15.1
- (no CPE)range: < 9.20191025-3.15.1
- (no CPE)range: < 7.0.1~dev21-3.13.1
- (no CPE)range: < 13.0.8~dev8-3.13.1
- (no CPE)range: < 7.0.1~dev22-3.13.1
- (no CPE)range: < 11.0.3~dev23-3.13.1
- (no CPE)range: < 14.1.1~dev28-3.13.1
- (no CPE)range: < 7.1.1~dev28-4.13.1
- (no CPE)range: < 7.3.1~dev15-3.13.1
- (no CPE)range: < 1.8.2~dev3-3.13.1
- (no CPE)range: < 13.0.6~dev8-6.13.1
- (no CPE)range: < 18.2.4~dev22-3.13.1
- (no CPE)range: < 3.2.1~dev3-4.13.1
- (no CPE)range: < 9.0.2~dev14-3.13.1
Patches
Vulnerability mechanics
References
21- review.opendev.org/686541nvdMailing ListPatchThird Party AdvisoryWEB
- review.opendev.org/686543nvdMailing ListPatchThird Party AdvisoryWEB
- review.opendev.org/686544nvdMailing ListPatchThird Party AdvisoryWEB
- review.opendev.org/686545nvdMailing ListPatchThird Party AdvisoryWEB
- review.opendev.org/686546nvdMailing ListPatchThird Party AdvisoryWEB
- review.opendev.org/686547nvdMailing ListPatchThird Party AdvisoryWEB
- security.openstack.org/ossa/OSSA-2019-005.htmlnvdPatchVendor AdvisoryWEB
- github.com/advisories/GHSA-r4v4-3jj7-jc29ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-17134ghsaADVISORY
- usn.ubuntu.com/4153-1/nvdThird Party Advisory
- github.com/openstack/octavia/commit/1725517d1d209f26b2275306d83e49c099dcbe1aghsaWEB
- github.com/openstack/octavia/commit/2976a7f0f109e17930db8a61136526ead44ea7e5ghsaWEB
- github.com/openstack/octavia/commit/624ff08f27bcb73788663cbe6d35cbe29c537844ghsaWEB
- github.com/openstack/octavia/commit/89a2f6e0136ad49d928eb65b4cf555af2a2b8ab1ghsaWEB
- github.com/openstack/octavia/commit/b0c2cd7b4c835c391cfedf12cf9f9ff8a0aabd17ghsaWEB
- github.com/openstack/octavia/commit/c2fdffc3b748f8007c72e52df257e38756923b40ghsaWEB
- storyboard.openstack.orgghsaWEB
- access.redhat.com/errata/RHSA-2019:3743nvd
- access.redhat.com/errata/RHSA-2019:3788nvd
- access.redhat.com/errata/RHSA-2020:0721nvd
- storyboard.openstack.orgnvd
News mentions
0No linked articles in our index yet.