Описание
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
Ссылки
- Broken LinkThird Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.9 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
An access-control flaw was found in the OpenStack Orchestration (heat) ...
An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
EPSS
5.9 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2