Published: 23/03/2022 Updated: 25/07/2022

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions before 11.6.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat openstack 13
redhat openstack 16.1
openstack tripleo heat templates
redhat openstack 16.2

Synopsis Moderate: Red Hat OpenStack Platform 162 (openstack-tripleo-heat-templates) security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for openstack-tripleo-heat-templates is now available for Red ...

Synopsis Moderate: Red Hat OpenStack 1619 (openstack-tripleo-heat-templates) security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for openstack-tripleo-heat-templates is now available for Red Hat Ope ...

CWE-668 https://bugzilla.redhat.com/show_bug.cgi?id=2035793 https://access.redhat.com/errata/RHSA-2022:0995 https://nvd.nist.gov

CVE-2021-4180

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect