Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-5483

Опубликовано: 13 нояб. 2012
Источник: redhat
CVSS2: 2.1

Описание

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenStack Platform 2.0openstack-keystoneAffected
OpenStack Essex for RHEL 6openstack-keystoneFixedRHSA-2012:155610.12.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=873447OpenStack: Keystone /etc/keystone/ec2rc secret key exposure

2.1 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-5483

ubuntu
около 13 лет назад

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file.

nvd логотип

CVE-2012-5483

nvd
около 13 лет назад

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file.

debian логотип

CVE-2012-5483

debian
около 13 лет назад

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Am ...

github логотип

GHSA-8cx8-xmvm-66wj

github
больше 3 лет назад

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file.

2.1 Low

CVSS2