CVE-2020-26943

moderate-risk
Published 2020-10-16

An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0. A user allowed to access the Blazar dashboard in Horizon may trigger code execution on the Horizon host as the user the Horizon service runs under (because the Python eval function is used). This may result in Horizon host unauthorized access and further compromise of the Horizon service. All setups using the Horizon dashboard with the blazar-dashboard plugin are affected.

Do I need to act?

~
1.5% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
+
Fix available
Upgrade to: ee10b2c5c195088ec14725b790c17289ad20ed63
9
CVSS 9.9/10 Critical
NETWORK / LOW complexity

Affected Products (3)

Blazar-Dashboard
Blazar-Dashboard
Blazar-Dashboard

Affected Vendors

Openstack

References (16)

Third Party Advisory http://www.openwall.com/lists/oss-security/2020/10/16/5
Third Party Advisory https://launchpad.net/bugs/1895688
Third Party Advisory https://review.opendev.org/755810
Third Party Advisory https://review.opendev.org/755812
Third Party Advisory https://review.opendev.org/755813
Third Party Advisory https://review.opendev.org/755814
Third Party Advisory https://review.opendev.org/756064
Third Party Advisory https://security.openstack.org/ossa/OSSA-2020-007.html
Third Party Advisory http://www.openwall.com/lists/oss-security/2020/10/16/5
Third Party Advisory https://launchpad.net/bugs/1895688
Third Party Advisory https://review.opendev.org/755810
Third Party Advisory https://review.opendev.org/755812
Third Party Advisory https://review.opendev.org/755813
Third Party Advisory https://review.opendev.org/755814
Third Party Advisory https://review.opendev.org/756064
Third Party Advisory https://security.openstack.org/ossa/OSSA-2020-007.html
46
/ 100
moderate-risk
Severity 33/34 · Critical
Exploitability 4/34 · Minimal
Exposure 9/34 · Low