Unrated severityNVD Advisory· Published Aug 21, 2024· Updated Feb 25, 2026

Openstack-tripleo-common: rhosp director disables tls verification for registry mirrors

CVE-2024-8007

Description

A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack.

Affected products

Pypi/Tripleo Commoninferred
Package: https://pypi.org/project/tripleo-common

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2024:9990mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:9991mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2024-8007mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000