{
  "threat_severity" : "Important",
  "public_date" : "2020-07-28T00:00:00Z",
  "bugzilla" : {
    "description" : "openstack-tripleo-heat-templates: No sVirt protection for OSP16 VMs due to disabled SELinux",
    "id" : "1831544",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1831544"
  },
  "cvss3" : {
    "cvss3_base_score" : "9.9",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-284->CWE-1220",
  "details" : [ "A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines.", "A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines." ],
  "acknowledgement" : "This issue was discovered by Daniel Berrangé (Red Hat) and Lukas Bezdicka (Red Hat).",
  "affected_release" : [ {
    "product_name" : "Red Hat OpenStack Platform 15.0 (Stein)",
    "release_date" : "2020-08-11T00:00:00Z",
    "advisory" : "RHSA-2020:3410",
    "cpe" : "cpe:/a:redhat:openstack:15::el8",
    "package" : "openstack-tripleo-heat-templates-0:10.6.3-0.20200113185561.cf467ea.el8ost"
  }, {
    "product_name" : "Red Hat OpenStack Platform 15.0 (Stein)",
    "release_date" : "2020-08-11T00:00:00Z",
    "advisory" : "RHSA-2020:3410",
    "cpe" : "cpe:/a:redhat:openstack:15::el8",
    "package" : "python-paunch-0:4.5.3-0.20200108190460.3c38fe6.el8ost"
  }, {
    "product_name" : "Red Hat OpenStack Platform 16.0 (Train)",
    "release_date" : "2020-08-11T00:00:00Z",
    "advisory" : "RHSA-2020:3406",
    "cpe" : "cpe:/a:redhat:openstack:16::el8",
    "package" : "openstack-tripleo-heat-templates-0:11.3.2-0.20200405044628.ec9970c.el8ost"
  }, {
    "product_name" : "Red Hat OpenStack Platform 16.0 (Train)",
    "release_date" : "2020-08-11T00:00:00Z",
    "advisory" : "RHSA-2020:3406",
    "cpe" : "cpe:/a:redhat:openstack:16::el8",
    "package" : "python-paunch-0:5.3.2-0.20200320172310.ebc49c4.el8ost"
  }, {
    "product_name" : "Red Hat OpenStack Platform 16.1",
    "release_date" : "2020-07-29T00:00:00Z",
    "advisory" : "RHSA-2020:3199",
    "cpe" : "cpe:/a:redhat:openstack:16.1::el8",
    "package" : "openstack-tripleo-heat-templates-0:11.3.2-0.20200616081532.396affd.el8ost"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat OpenStack Platform 10 (Newton)",
    "fix_state" : "Not affected",
    "package_name" : "openstack-tripleo-heat-templates",
    "cpe" : "cpe:/a:redhat:openstack:10"
  }, {
    "product_name" : "Red Hat OpenStack Platform 13 (Queens)",
    "fix_state" : "Not affected",
    "package_name" : "openstack-tripleo-heat-templates",
    "cpe" : "cpe:/a:redhat:openstack:13"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-10731\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-10731\nhttps://bugs.launchpad.net/tripleo/+bug/1880947" ],
  "name" : "CVE-2020-10731",
  "csaw" : false
}