Published: 24/09/2023 Updated: 07/11/2023

CVSS v3 Base Score: 5 | Impact Score: 1.4 | Exploitability Score: 3.1

VMScore: 0

An information leak exists in OpenStack heat. This issue could allow a remote, authenticated malicious user to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openstack heat -
redhat openstack platform 16.1
redhat openstack platform 13.0
redhat openstack platform 16.2
redhat openstack platform 17.0

Debian Bug report logs - #1034186 heat: CVE-2023-1625 Package: src:heat; Maintainer for src:heat is Debian OpenStack <team+openstack@trackerdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Mon, 10 Apr 2023 17:45:08 UTC Severity: important Tags: security, upstream Fixed in version heat/1:1900-2 ...

NVD-CWE-noinfo https://bugzilla.redhat.com/show_bug.cgi?id=2181621 https://access.redhat.com/security/cve/CVE-2023-1625 https://github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcb https://launchpad.net/bugs/1999665 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034186 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-1625

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect