CVE & CISA-KEV Catalog

CVE-2023-2088

MEDIUM
6.5
CVSS v3
NVD

Description

A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality.

How to fix

Remediation Available
cinderDebian
Fixed in:2:17.4.0-1~deb11u2CVE-2023-2088
Fixed in:2:21.1.0-3CVE-2023-2088
Fixed in:2:21.1.0-3CVE-2023-2088
Fixed in:2:21.1.0-3CVE-2023-2088
openstack-cinderRocky
Fixed in:1:15.6.1-2.20230310075425.a19c1c9.el8ostRHSA-2023:3158
Fixed in:1:15.6.1-2.20230310075425.a19c1c9.el8ostRHSA-2023:3158
Fixed in:1:15.4.0-1.20230510003501.58f0e73.el8ostRHSA-2023:3156
Fixed in:1:15.4.0-1.20230510003501.58f0e73.el8ostRHSA-2023:3156
Fixed in:1:18.2.1-0.20230509200451.1776695.el9ostRHSA-2023:3157
Fixed in:1:18.2.1-0.20230509200451.1776695.el9ostRHSA-2023:3157
openstack-cinderRed Hat / RHEL
Fixed in:1:15.6.1-2.20230310075425.a19c1c9.el8ostRHSA-2023:3158
Fixed in:1:15.4.0-1.20230510003501.58f0e73.el8ostRHSA-2023:3156
Fixed in:1:15.6.1-2.20230310075425.a19c1c9.el8ostRHSA-2023:3158
Fixed in:1:15.4.0-1.20230510003501.58f0e73.el8ostRHSA-2023:3156
Fixed in:1:18.2.1-0.20230509200451.1776695.el9ostRHSA-2023:3157
Fixed in:1:18.2.1-0.20230509200451.1776695.el9ostRHSA-2023:3157
openstack-novaRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-novaRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-apiRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-apiRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-cellsRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
openstack-nova-cellsRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
openstack-nova-commonRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-commonRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-computeRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-computeRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-conductorRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-conductorRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-consoleRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
openstack-nova-consoleRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
openstack-nova-migrationRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-migrationRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-networkRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
openstack-nova-networkRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
openstack-nova-novncproxyRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-novncproxyRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-placement-apiRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
openstack-nova-placement-apiRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
openstack-nova-schedulerRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-schedulerRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-serialproxyRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-serialproxyRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-spicehtml5proxyRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
openstack-nova-spicehtml5proxyRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
python-glance-storeRed Hat / RHEL
Fixed in:0:0.23.1-0.20190916165255.cc7ecc1.el7ostRHSA-2023:3161
Fixed in:0:1.0.2-1.20220219073735.el8ostRHSA-2023:3156
Fixed in:0:1.0.2-2.20230309124927.79e043a.el8ostRHSA-2023:3158
Fixed in:0:2.5.1-0.20230509140449.5f1cee6.el9ostRHSA-2023:3157
python-glance-storeRocky
Fixed in:0:0.23.1-0.20190916165255.cc7ecc1.el7ostRHSA-2023:3161
Fixed in:0:1.0.2-2.20230309124927.79e043a.el8ostRHSA-2023:3158
Fixed in:0:1.0.2-1.20220219073735.el8ostRHSA-2023:3156
Fixed in:0:2.5.1-0.20230509140449.5f1cee6.el9ostRHSA-2023:3157
python-novaRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
python-novaRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
python-nova-testsRocky
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
python-nova-testsRed Hat / RHEL
Fixed in:1:17.0.13-41.el7ostRHSA-2023:3161
python-os-brickRed Hat / RHEL
Fixed in:0:2.3.9-12.el7ostRHSA-2023:3161
Fixed in:0:2.10.5-1.20220112193420.634fb4a.el8ostRHSA-2023:3156
Fixed in:0:2.10.8-2.20220112064936.458bfad.el8ostRHSA-2023:3158
Fixed in:0:4.3.3-0.20220715140803.d09dc9e.el9ostRHSA-2023:3157
python-os-brickRocky
Fixed in:0:2.3.9-12.el7ostRHSA-2023:3161
Fixed in:0:2.10.5-1.20220112193420.634fb4a.el8ostRHSA-2023:3156
Fixed in:0:2.10.8-2.20220112064936.458bfad.el8ostRHSA-2023:3158
Fixed in:0:4.3.3-0.20220715140803.d09dc9e.el9ostRHSA-2023:3157
python2-glance-storeRed Hat / RHEL
Fixed in:0:0.23.1-0.20190916165255.cc7ecc1.el7ostRHSA-2023:3161
python2-glance-storeRocky
Fixed in:0:0.23.1-0.20190916165255.cc7ecc1.el7ostRHSA-2023:3161
python2-os-brickRocky
Fixed in:0:2.3.9-12.el7ostRHSA-2023:3161
python2-os-brickRed Hat / RHEL
Fixed in:0:2.3.9-12.el7ostRHSA-2023:3161
python3-cinderRocky
Fixed in:1:15.4.0-1.20230510003501.58f0e73.el8ostRHSA-2023:3156
Fixed in:1:15.6.1-2.20230310075425.a19c1c9.el8ostRHSA-2023:3158
Fixed in:1:18.2.1-0.20230509200451.1776695.el9ostRHSA-2023:3157
python3-cinderRed Hat / RHEL
Fixed in:1:15.4.0-1.20230510003501.58f0e73.el8ostRHSA-2023:3156
Fixed in:1:15.6.1-2.20230310075425.a19c1c9.el8ostRHSA-2023:3158
Fixed in:1:18.2.1-0.20230509200451.1776695.el9ostRHSA-2023:3157
python3-cinder-commonRocky
Fixed in:1:18.2.1-0.20230509200451.1776695.el9ostRHSA-2023:3157
python3-cinder-commonRed Hat / RHEL
Fixed in:1:18.2.1-0.20230509200451.1776695.el9ostRHSA-2023:3157
python3-glance-storeRocky
Fixed in:0:1.0.2-2.20230309124927.79e043a.el8ostRHSA-2023:3158
Fixed in:0:1.0.2-1.20220219073735.el8ostRHSA-2023:3156
Fixed in:0:2.5.1-0.20230509140449.5f1cee6.el9ostRHSA-2023:3157
python3-glance-storeRed Hat / RHEL
Fixed in:0:1.0.2-1.20220219073735.el8ostRHSA-2023:3156
Fixed in:0:1.0.2-2.20230309124927.79e043a.el8ostRHSA-2023:3158
Fixed in:0:2.5.1-0.20230509140449.5f1cee6.el9ostRHSA-2023:3157
python3-novaRocky
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
python3-novaRed Hat / RHEL
Fixed in:1:20.4.1-1.20221005193232.el8ostRHSA-2023:3156
Fixed in:1:20.6.2-2.20230308185149.el8ostRHSA-2023:3158
Fixed in:1:23.2.2-0.20221209190754.7074ac0.el9ostRHSA-2023:3157
python3-os-brickRed Hat / RHEL
Fixed in:0:2.10.5-1.20220112193420.634fb4a.el8ostRHSA-2023:3156
Fixed in:0:2.10.8-2.20220112064936.458bfad.el8ostRHSA-2023:3158
Fixed in:0:4.3.3-0.20220715140803.d09dc9e.el9ostRHSA-2023:3157
python3-os-brickRocky
Fixed in:0:2.10.5-1.20220112193420.634fb4a.el8ostRHSA-2023:3156
Fixed in:0:2.10.8-2.20220112064936.458bfad.el8ostRHSA-2023:3158
Fixed in:0:4.3.3-0.20220715140803.d09dc9e.el9ostRHSA-2023:3157
tripleo-ansibleRocky
Fixed in:0:0.8.1-2.20230309004941.el8ostRHSA-2023:3158
Fixed in:0:0.8.1-2.20230309004941.el8ostRHSA-2023:3158
Fixed in:0:3.3.1-0.20221208161844.fa5422f.el9ostRHSA-2023:3157
Fixed in:0:3.3.1-0.20221208161844.fa5422f.el9ostRHSA-2023:3157
tripleo-ansibleRed Hat / RHEL
Fixed in:0:0.8.1-2.20230309004941.el8ostRHSA-2023:3158
Fixed in:0:0.8.1-2.20230309004941.el8ostRHSA-2023:3158
Fixed in:0:3.3.1-0.20221208161844.fa5422f.el9ostRHSA-2023:3157
Fixed in:0:3.3.1-0.20221208161844.fa5422f.el9ostRHSA-2023:3157
cinderUbuntu
Fixed in:2:16.4.2-0ubuntu2.3USN-6073-1
Fixed in:2:20.2.0-0ubuntu1.1USN-6241-1
Fixed in:2:20.1.0-0ubuntu2.1USN-6073-1
Fixed in:2:21.1.0-0ubuntu2.1USN-6073-1
Fixed in:2:22.0.0-0ubuntu1.1USN-6073-1
Fixed in:2:22.0.0-0ubuntu1.3USN-6241-1
ironicUbuntu
Fixed in:1:20.1.0-0ubuntu1.1USN-6241-1
Fixed in:1:21.4.0-0ubuntu1.1USN-6241-1
novaUbuntu
Fixed in:2:21.2.4-0ubuntu2.3USN-6073-3
Fixed in:3:25.1.0-0ubuntu2.1USN-6073-3
Fixed in:3:25.1.1-0ubuntu1.1USN-6241-1
Fixed in:3:26.1.0-0ubuntu2.1USN-6073-3
Fixed in:3:27.0.0-0ubuntu1.1USN-6073-3
Fixed in:3:27.0.0-0ubuntu1.3USN-6241-1
python-glance-storeUbuntu
Fixed in:2.0.0-0ubuntu4.1USN-6073-2
Fixed in:3.0.0-0ubuntu1.3USN-6241-1
Fixed in:3.0.0-0ubuntu1.1USN-6073-2
Fixed in:4.1.0-0ubuntu1.1USN-6073-2
Fixed in:4.3.0-0ubuntu1.3USN-6241-1
Fixed in:4.3.0-0ubuntu1.1USN-6073-2
python-os-brickUbuntu
Fixed in:3.0.8-0ubuntu1.1USN-6073-4
Fixed in:5.2.2-0ubuntu1USN-6073-4
Fixed in:5.2.2-0ubuntu1.2USN-6241-1
Fixed in:6.1.0-0ubuntu1.1USN-6073-4
Fixed in:6.2.0-0ubuntu2.3USN-6241-1
Fixed in:6.2.0-0ubuntu2.1USN-6073-4
python3-cinderUbuntu
Fixed in:2:16.4.2-0ubuntu2.3USN-6073-1
Fixed in:2:20.2.0-0ubuntu1.1USN-6241-1
Fixed in:2:20.1.0-0ubuntu2.1USN-6073-1
Fixed in:2:21.1.0-0ubuntu2.1USN-6073-1
Fixed in:2:22.0.0-0ubuntu1.1USN-6073-1
Fixed in:2:22.0.0-0ubuntu1.3USN-6241-1
python3-glance-storeUbuntu
Fixed in:2.0.0-0ubuntu4.1USN-6073-2
Fixed in:3.0.0-0ubuntu1.3USN-6241-1
Fixed in:3.0.0-0ubuntu1.1USN-6073-2
Fixed in:4.1.0-0ubuntu1.1USN-6073-2
Fixed in:4.3.0-0ubuntu1.1USN-6073-2
Fixed in:4.3.0-0ubuntu1.3USN-6241-1
python3-ironicUbuntu
Fixed in:1:20.1.0-0ubuntu1.1USN-6241-1
Fixed in:1:21.4.0-0ubuntu1.1USN-6241-1
python3-novaUbuntu
Fixed in:2:21.2.4-0ubuntu2.3USN-6073-3
Fixed in:3:25.1.1-0ubuntu1.1USN-6241-1
Fixed in:3:25.1.0-0ubuntu2.1USN-6073-3
Fixed in:3:26.1.0-0ubuntu2.1USN-6073-3
Fixed in:3:27.0.0-0ubuntu1.1USN-6073-3
Fixed in:3:27.0.0-0ubuntu1.3USN-6241-1
python3-os-brickUbuntu
Fixed in:3.0.8-0ubuntu1.1USN-6073-4
Fixed in:5.2.2-0ubuntu1USN-6073-4
Fixed in:5.2.2-0ubuntu1.2USN-6241-1
Fixed in:6.1.0-0ubuntu1.1USN-6073-4
Fixed in:6.2.0-0ubuntu2.1USN-6073-4
Fixed in:6.2.0-0ubuntu2.3USN-6241-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityNone
AvailabilityNone

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploit Intelligence

1.20%probability of exploitation in 30 days
64thpercentile

Moderate risk: more likely to be exploited than 64% of all known CVEs.

References

Embed a live status badge for CVE-2023-2088
CVE-2023-2088 severity badge

Markdown

[![CVE-2023-2088](https://tridentstack.com/cve/badge/CVE-2023-2088.svg)](https://tridentstack.com/cve/CVE-2023-2088)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-2088"><img src="https://tridentstack.com/cve/badge/CVE-2023-2088.svg" alt="CVE-2023-2088"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-04.