An access-control flaw was found in the OpenStack Orchestration (heat) service prior to 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat openstack 10 |
||
openstack heat |
||
redhat openstack 9 |