{"id":"CVE-2019-17134","details":"Amphora Images in OpenStack Octavia \u003e=0.10.0 \u003c2.1.2, \u003e=3.0.0 \u003c3.2.0, \u003e=4.0.0 \u003c4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED.","aliases":["GHSA-r4v4-3jj7-jc29"],"modified":"2026-04-10T04:13:10.284151Z","published":"2019-10-08T18:15:14.153Z","related":["SUSE-SU-2019:3068-1"],"references":[{"type":"WEB","url":"https://storyboard.openstack.org/#%21/story/2006660"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0721"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4153-1/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3743"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3788"},{"type":"FIX","url":"https://review.opendev.org/686541"},{"type":"FIX","url":"https://review.opendev.org/686543"},{"type":"FIX","url":"https://review.opendev.org/686544"},{"type":"FIX","url":"https://review.opendev.org/686547"},{"type":"FIX","url":"https://review.opendev.org/686545"},{"type":"FIX","url":"https://review.opendev.org/686546"},{"type":"FIX","url":"https://security.openstack.org/ossa/OSSA-2019-005.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openstack/octavia","events":[{"introduced":"c3345e46573cb6c618cb9447fade2e255b6f5589"},{"fixed":"89a2f6e0136ad49d928eb65b4cf555af2a2b8ab1"},{"introduced":"8d74497cf6fd22620d0881ad2549acd69a537776"},{"fixed":"624ff08f27bcb73788663cbe6d35cbe29c537844"},{"introduced":"feb640d99d392167ca37e1c7c02d895a03f32172"},{"fixed":"1725517d1d209f26b2275306d83e49c099dcbe1a"}],"database_specific":{"versions":[{"introduced":"0.10.0"},{"fixed":"2.1.2"},{"introduced":"3.0.0"},{"fixed":"3.2.0"},{"introduced":"4.0.0"},{"fixed":"4.1.0"}]}}],"versions":["0.10.0","1.0.0.0b1","1.0.0.0b2","1.0.0.0b3","1.0.0.0rc1","2.0.0","2.0.0.0b1","2.0.0.0b2","2.0.0.0b3","2.0.0.0rc1","2.0.0.0rc2","2.0.1","2.0.2","2.0.3","2.0.4","2.1.0","2.1.1","3.0.0","3.0.0.0rc3","3.0.1","3.0.2","3.1.0","3.1.1","4.0.0","4.0.0.0rc3","4.0.1","ocata-em"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"19.04"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-17134.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}