{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T09:09:42.390","vulnerabilities":[{"cve":{"id":"CVE-2024-8007","sourceIdentifier":"secalert@redhat.com","published":"2024-08-21T14:15:09.753","lastModified":"2024-11-25T05:15:12.250","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the openstack-tripleo-common component of the Red Hat OpenStack Platform (RHOSP) director. This vulnerability allows an attacker to deploy potentially compromised container images via disabling TLS certificate verification for registry mirrors, which could enable a man-in-the-middle (MITM) attack."},{"lang":"es","value":"Se encontró una falla en el director de Red Hat OpenStack Platform (RHOSP). Esta vulnerabilidad permite a un atacante implementar imágenes de contenedores potencialmente comprometidas deshabilitando la verificación de certificados TLS para espejos de registro, lo que podría habilitar un ataque de intermediario (MITM)."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*","matchCriteriaId":"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*","matchCriteriaId":"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*","matchCriteriaId":"E315FC5C-FF19-43C9-A58A-CF2A5FF13824"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:9990","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:9991","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2024-8007","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305975","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}}]}