A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local malicious user to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat openstack 16.1 |
||
redhat openstack 16.2 |
||
redhat openstack for ibm power 16.1 |
||
redhat openstack for ibm power 16.2 |
||
openstack tripleo ansible - |