Oval Definition:oval:org.opensuse.security:def:20171000433
Revision Date:2022-05-22Version:1
Title:CVE-2017-1000433
Description:

pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-1000433
SUSE-SU-2018:1194-1
SUSE-SU-2019:1450-1
Mitre CVE-2017-1000433
SUSE CVE-2017-1000433
SUSE-SU-2018:1194-1
SUSE-SU-2019:1450-1
Platform(s):SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2 is installed
  • OR crowbar-4.0+git.1551088848.823bcaa3-7.29.2 is installed
  • OR crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3 is installed
  • OR crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3 is installed
  • OR crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2 is installed
  • OR crowbar-ha-4.0+git.1556181005.47c643d-4.46.3 is installed
  • OR crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3 is installed
  • OR galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2 is installed
  • OR openstack-ceilometer-7.1.1~dev4-4.15.3 is installed
  • OR openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3 is installed
  • OR openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3 is installed
  • OR openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3 is installed
  • OR openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3 is installed
  • OR openstack-ceilometer-api-7.1.1~dev4-4.15.3 is installed
  • OR openstack-ceilometer-collector-7.1.1~dev4-4.15.3 is installed
  • OR openstack-ceilometer-doc-7.1.1~dev4-4.15.3 is installed
  • OR openstack-ceilometer-polling-7.1.1~dev4-4.15.3 is installed
  • OR openstack-heat-gbp-5.1.1~dev1-2.6.3 is installed
  • OR python-PyKMIP-0.5.0-3.3.3 is installed
  • OR python-ceilometer-7.1.1~dev4-4.15.3 is installed
  • OR python-heat-gbp-5.1.1~dev1-2.6.3 is installed
  • OR python-pysaml2-4.0.2-3.6.3 is installed
  • OR ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-pysaml2 is not affected
    • BACK