Vendor Report: Openstack

VendorOpenstack
Vendor CVE Table1720141719245542231
Vendor CVE Counts by Year Graph

Vendor OWASP CVE Counts by Year Table
Title 2020 2019 2018 2017 2016 2015 2014 2013 2012
XML Injection 0 0 0 0 0 0 0 1 0
Broken Authentication 0 0 0 1 0 1 3 3 0
XML External Entities (XEE) 0 0 0 0 0 0 0 3 0
Security Misconfiguration 0 0 0 0 0 0 0 1 0
Cross Site Scripting (XSS) 0 0 0 3 1 2 7 1 1
Insecure Encryption 0 1 1 0 0 0 0 0 0
Information Leakage 1 2 2 0 0 0 0 0 0
Unvalidated Redirect 0 0 0 0 0 0 0 0 2
Insufficient Logging and Monitoring 1 2 2 2 1 1 4 5 3
Brute Force 0 1 0 0 0 0 0 0 0
Sniffing 1 0 0 0 0 0 1 0 0
Spoofing 0 0 0 0 4 1 2 3 0
Session Fixation 0 0 0 0 0 0 0 0 1
Vendor OWASP CVE Counts by Year Graph

Vendor Data Table

ProductVersion CountCVE CountCvssV2 Base Score - AverageCvssV2 Exploitability Score - AverageBaseV2 Impact Score - AverageCvssV3 Base Score - AverageCvssV3 Exploitability Score - AverageBaseV3 Impact Score - AverageCVEs
Ceilometer 2 2 2.955.702.908.802.805.90
CVE-2013-6384, CVE-2019-3830
Cinder 4 7 3.916.903.477.503.903.60
CVE-2013-4183, CVE-2013-4202, CVE-2014-3641, CVE-2014-7230, CVE-2014-7231,
CVE-2015-5162, CVE-2017-15139
Cinder Folsom 1 1 5.0010.002.90N/AN/AN/A
CVE-2013-1664
Cloud Magnum Orchestration 1 1 7.203.9010.007.801.805.90
CVE-2017-1000366
Compute 6 12 3.906.783.534.701.003.60
CVE-2012-2654, CVE-2012-3371, CVE-2013-2030, CVE-2013-2255, CVE-2013-4179,
CVE-2013-4185, CVE-2013-4278, CVE-2013-7130, CVE-2014-0134, CVE-2014-0167,
CVE-2014-2573, CVE-2015-2687
Compute (nova) 1 1 6.808.006.906.502.803.60
CVE-2016-7498
Compute (nova) Essex 1 1 5.0010.002.90N/AN/AN/A
CVE-2013-1664
Compute (nova) Folsom 1 1 5.0010.002.90N/AN/AN/A
CVE-2013-1664
Designate 2 2 4.008.002.906.502.803.60
CVE-2015-5694, CVE-2015-5695
Devstack 1 1 2.103.902.90N/AN/AN/A
CVE-2013-1977
Diablo 1 2 4.908.303.90N/AN/AN/A
CVE-2012-2654, CVE-2012-3361
Essex 3 15 4.697.104.40N/AN/AN/A
CVE-2012-0030, CVE-2012-2654, CVE-2012-3360, CVE-2012-3361, CVE-2012-3371,
CVE-2012-3426, CVE-2012-3542, CVE-2012-4573, CVE-2012-5482, CVE-2012-5571,
CVE-2013-0208, CVE-2013-0261, CVE-2013-0266, CVE-2013-0335, CVE-2013-1838
Folsom 3 25 4.467.104.08N/AN/AN/A
CVE-2012-3360, CVE-2012-3361, CVE-2012-3371, CVE-2012-3447, CVE-2012-4573,
CVE-2012-5482, CVE-2012-5563, CVE-2012-5571, CVE-2012-5625, CVE-2013-0208,
CVE-2013-0261, CVE-2013-0266, CVE-2013-0335, CVE-2013-1664, CVE-2013-1665,
CVE-2013-1838, CVE-2013-1865, CVE-2013-2030, CVE-2013-2096, CVE-2013-2161,
CVE-2013-4155, CVE-2013-4261, CVE-2013-4463, CVE-2013-4469, CVE-2013-4497
Glance 4 8 4.458.133.406.323.103.05
CVE-2013-1840, CVE-2013-4428, CVE-2015-3289, CVE-2015-5162, CVE-2015-5163,
CVE-2015-8234, CVE-2016-8611, CVE-2017-7200
Grizzly 4 14 4.246.813.97N/AN/AN/A
CVE-2012-5625, CVE-2013-0335, CVE-2013-1664, CVE-2013-1838, CVE-2013-2030,
CVE-2013-2096, CVE-2013-2161, CVE-2013-4155, CVE-2013-4261, CVE-2013-4463,
CVE-2013-4469, CVE-2013-4477, CVE-2013-4497, CVE-2013-7130
Havana 3 11 4.166.703.95N/AN/AN/A
CVE-2013-2030, CVE-2013-2096, CVE-2013-2161, CVE-2013-4155, CVE-2013-4179,
CVE-2013-4463, CVE-2013-4469, CVE-2013-4477, CVE-2013-4497, CVE-2013-6419,
CVE-2013-7130
Heat 3 5 3.526.942.904.902.302.50
CVE-2013-6426, CVE-2013-6428, CVE-2014-3801, CVE-2016-9185, CVE-2017-2621
Horizon 10 20 4.037.403.285.102.002.70
CVE-2012-2094, CVE-2012-2144, CVE-2012-3426, CVE-2012-3540, CVE-2012-3542,
CVE-2012-5474, CVE-2012-5476, CVE-2013-4471, CVE-2013-6858, CVE-2014-0157,
CVE-2014-3473, CVE-2014-3474, CVE-2014-3475, CVE-2014-3594, CVE-2014-8124,
CVE-2014-8578, CVE-2015-3219, CVE-2015-3988, CVE-2016-4428, CVE-2017-7400
Icehouse 3 4 6.477.556.65N/AN/AN/A
CVE-2013-7130, CVE-2014-0162, CVE-2014-0167, CVE-2015-1851
Image Registry And Delivery Service (glance) 6 15 4.677.244.304.302.801.40
CVE-2012-4573, CVE-2012-5482, CVE-2013-0212, CVE-2013-4354, CVE-2014-0162,
CVE-2014-1948, CVE-2014-5356, CVE-2014-9493, CVE-2014-9623, CVE-2014-9684,
CVE-2015-1195, CVE-2015-1881, CVE-2015-5251, CVE-2015-5286, CVE-2016-0757
Instack-undercloud 1 1 3.303.404.906.401.104.70
CVE-2017-7549
Ironic 1 1 4.008.002.906.502.803.60
CVE-2015-7514
Ironic Inspector 1 1 6.808.606.40N/AN/AN/A
CVE-2015-5306
Ironic-inspector 1 1 6.4010.004.909.103.905.20
CVE-2019-10141
Juno 1 1 6.808.006.90N/AN/AN/A
CVE-2015-1851
Keystone 10 35 5.118.084.365.302.752.50
CVE-2012-1572, CVE-2012-3426, CVE-2012-4413, CVE-2012-4456, CVE-2012-4457,
CVE-2012-5483, CVE-2013-0247, CVE-2013-0270, CVE-2013-0282, CVE-2013-2006,
CVE-2013-2014, CVE-2013-2059, CVE-2013-2157, CVE-2013-2255, CVE-2013-4222,
CVE-2013-4294, CVE-2013-6391, CVE-2014-0204, CVE-2014-2237, CVE-2014-2828,
CVE-2014-3476, CVE-2014-3520, CVE-2014-3621, CVE-2014-5251, CVE-2014-5252,
CVE-2014-5253, CVE-2015-3646, CVE-2015-7546, CVE-2018-14432, CVE-2018-20170,
CVE-2019-19687, CVE-2020-12689, CVE-2020-12690, CVE-2020-12691, CVE-2020-12692
Keystone Essex 1 2 5.0010.002.90N/AN/AN/A
CVE-2013-1664, CVE-2013-1665
Keystonemiddleware 2 3 4.878.004.07N/AN/AN/A
CVE-2014-7144, CVE-2015-1852, CVE-2015-7546
Kilo 1 1 6.808.006.90N/AN/AN/A
CVE-2015-1851
Magnum 1 1 7.5010.006.409.803.905.90
CVE-2016-7404
Manila 1 2 5.007.404.655.402.302.70
CVE-2016-6519, CVE-2020-9543
Mitaka-murano 1 1 7.5010.006.409.803.905.90
CVE-2016-4972
Murano 1 1 7.5010.006.409.803.905.90
CVE-2016-4972
Murano-dashboard 1 1 7.5010.006.409.803.905.90
CVE-2016-4972
Neutron 8 20 4.877.744.277.032.993.95
CVE-2013-6433, CVE-2014-0056, CVE-2014-0187, CVE-2014-3555, CVE-2014-3632,
CVE-2014-4167, CVE-2014-4615, CVE-2014-6414, CVE-2014-7821, CVE-2014-8153,
CVE-2015-3221, CVE-2015-5240, CVE-2015-8914, CVE-2016-5362, CVE-2016-5363,
CVE-2017-7543, CVE-2018-14635, CVE-2018-14636, CVE-2019-10876, CVE-2019-9735
Nova 6 33 4.507.204.106.973.073.69
CVE-2011-3147, CVE-2011-4076, CVE-2011-4596, CVE-2012-0030, CVE-2012-1585,
CVE-2012-2101, CVE-2012-3447, CVE-2013-0326, CVE-2013-2256, CVE-2013-6437,
CVE-2013-7048, CVE-2014-3517, CVE-2014-3608, CVE-2014-3708, CVE-2014-7230,
CVE-2014-7231, CVE-2014-8333, CVE-2014-8750, CVE-2015-0259, CVE-2015-3241,
CVE-2015-3280, CVE-2015-5162, CVE-2015-7548, CVE-2015-7713, CVE-2015-8749,
CVE-2015-9543, CVE-2016-2140, CVE-2017-16239, CVE-2017-17051, CVE-2017-18191,
CVE-2017-7214, CVE-2019-14433, CVE-2020-17376
Nova-lxd 1 1 5.0010.002.907.503.903.60
CVE-2017-5936
Octavia 1 2 5.909.304.658.153.354.75
CVE-2018-16856, CVE-2019-3895
Openstack 1 1 6.006.806.407.501.605.90
CVE-2017-12440
Orchestration Api 1 1 5.508.004.905.402.802.50
CVE-2015-5295
Os-vif 1 1 6.4010.004.909.103.905.20
CVE-2019-15753
Oslo 2 2 4.659.302.90N/AN/AN/A
CVE-2013-6491, CVE-2014-4615
Oslo.middleware 1 1 2.103.902.905.501.803.60
CVE-2017-2592
Puppet-gerrit 1 1 4.308.602.906.102.802.70
CVE-2016-5737
Puppet-swift 1 1 4.008.002.906.502.803.60
CVE-2016-9590
Puppet-tripleo 1 1 6.006.806.407.501.605.90
CVE-2016-9599
Pycadf 1 1 5.0010.002.90N/AN/AN/A
CVE-2014-4615
Python Glanceclient 1 1 5.808.604.90N/AN/AN/A
CVE-2013-4111
Python-keystoneclient 2 7 5.317.994.69N/AN/AN/A
CVE-2013-2013, CVE-2013-2104, CVE-2013-2166, CVE-2013-2167, CVE-2014-0105,
CVE-2014-7144, CVE-2015-1852
Python-muranoclient 1 1 7.5010.006.409.803.905.90
CVE-2016-4972
Swauth 1 1 7.5010.006.409.803.905.90
CVE-2017-16613
Swift 4 12 5.198.604.118.273.904.37
CVE-2012-4406, CVE-2013-4155, CVE-2013-6396, CVE-2013-7109, CVE-2014-0006,
CVE-2014-3497, CVE-2014-7960, CVE-2015-1856, CVE-2015-5223, CVE-2016-0737,
CVE-2016-0738, CVE-2017-16613
Swift3 1 1 5.808.604.907.402.205.20
CVE-2015-8466
Telemetry (ceilometer) 1 1 5.0010.002.90N/AN/AN/A
CVE-2014-4615
Tripleo Heat Templates 2 3 5.278.834.077.933.534.37
CVE-2015-5271, CVE-2015-5303, CVE-2018-10898
Tripleo-common 1 1 7.203.9010.008.201.506.00
CVE-2017-2627
Trove 1 3 2.103.902.905.501.803.60
CVE-2014-7230, CVE-2014-7231, CVE-2015-3156