Table of Contents
Red Hat OpenStack Platform currently only utilizes the client and python client API bindings, not the server components of openwsman. Additionally, updates for this package are received through the Red Hat Enterprise Linux repository.
Red Hat Enterprise Virtualization uses only the openwsman-python client API bindings, not the server components of openwsman.
This issue affects the versions of openwsman as shipped with Red Hat Enterprise Linux 6 and 7. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
|CVSS3 Base Score||7.5|
|CVSS3 Base Metrics||CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H|
Affected Packages State
|Red Hat Virtualization 4||redhat-virtualization-host||Not affected|
|Red Hat Enterprise Linux 8||openwsman||Affected|
|Red Hat Enterprise Linux 7||openwsman||Affected|
|Red Hat Enterprise Linux 6||openwsman||Will not fix|
|OpenStack 9.0 Director for RHEL 7||openwsman||Will not fix|
|OpenStack 8.0 Director for RHEL 7||openwsman||Will not fix|