What is CVE-2020-10731?

CVE-2020-10731 is a critical-severity vulnerability in Redhat Openstack_platform, classified under Improper Access Control. CVSS score: 9.9/10. Published 2020-07-31.

How severe is CVE-2020-10731?

Critical severity. CVSS v3 base score is 9.9 out of 10.

Vulnerability in Redhat Openstack_platform

CVE-2020-10731

A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines.

EPSS: 0.009 (54.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.9 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

Redhat Openstack_platform — versions 15.0, 16.0, 16.1
N/a Nova_libvirt Container Provided By The Red Hat Openstack Platform — versions 16

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

secalert@redhat.com (x_refsource_MISC, Issue Tracking, Vendor Advisory)

Frequently asked questions

What is CVE-2020-10731?: CVE-2020-10731 is a critical-severity vulnerability in Redhat Openstack_platform, classified under Improper Access Control. CVSS score: 9.9/10. Published 2020-07-31.
How severe is CVE-2020-10731?: Critical severity. CVSS v3 base score is 9.9 out of 10.