VYPR
Critical severityNVD Advisory· Published Oct 8, 2019· Updated Aug 5, 2024

CVE-2019-17134

CVE-2019-17134

Description

Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
octaviaPyPI
>= 0.10.0, < 2.1.22.1.2
octaviaPyPI
>= 3.0.0, < 3.2.03.2.0
octaviaPyPI
>= 4.0.0, < 4.1.04.1.0

Affected products

43

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.