Package: octavia-agent
Version: 3.0.0-3
Severity: important
Tags: patch

The Octavia agent isn't enforcing 2-way certificates, meaning that anyone can
access the amphora-agent and manipulate it. I'm setting this bug as important,
as normally, in a reasonable setup, the load balancer management network
shouldn't be exposed to the public internet.

Patch is available here for all recent releases of Octavia:
https://review.opendev.org/#/q/I5619f5e40d7c9a2ee7741bf4664c0d2d08963992

Cheers,

Thomas Goirand (zigo)
