CVE-2015-0271

Опубликовано: 10 мар. 2015

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path.

Комментарий

Per this link this vulnerability requires authentication.

Ссылки

http://rhn.redhat.com/errata/RHSA-2015-0645.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0840.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0841.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0645.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0840.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0841.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00199

Низкий

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2015-0271

ubuntu

почти 11 лет назад

The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path.

CVE-2015-0271

redhat

почти 11 лет назад

The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path.

CVE-2015-0271

debian

почти 11 лет назад

The log-viewing function in the Red Hat redhat-access-plugin before 6. ...

GHSA-qr8c-4v4w-95m2

github

больше 3 лет назад

The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path.

EPSS

Процентиль: 42%

0.00199

Низкий

4 Medium

CVSS2

Дефекты

CWE-200