CVE-2023-2088

MEDIUM Year: 2023
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-440
View all →

Vulnerability Description

A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality.

Related Vulnerabilities

CVE-2023-6129

MEDIUM
CVSS:6.5(Medium)

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU prov...

CWE-4402023

CVE-2024-30246

HIGH
CVSS:7.1(High)

Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly ...

CWE-4402024

CVE-2025-0508

MEDIUM
CVSS:5.9(Medium)

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replac...

CWE-4402025

CVE-2024-47762

MEDIUM
CVSS:5.8(Medium)

Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_* environment variables, for example APP_CONFIG_backend_listen_port=7007, where unexpectedly ig...

CWE-4402024

CVE-2024-6281

HIGH
CVSS:7.3(High)

A path traversal vulnerability exists in the `apply_settings` function of parisneo/lollms versions prior to 9.5.1. The `sanitize_path` function does not adequately secure the `discussion_db_name` para...

CWE-4402024

CVE-2019-5061

HIGH
CVSS:7.4(High)

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has ...

CWE-4402019