CVE-2013-1977

Опубликовано: 12 апр. 2013

Источник: redhat

CVSS2: 2.1

EPSS Низкий

Описание

OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file.

Отчет

Not vulnerable. This issue did not affect the version of openstack-keystone as shipped with Red Hat OpenStack Folsom.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenStack Platform 2.1	openstack-keystone	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=953910openstack-keystone: Insecure management of LDAP and admin_token configuration file values

EPSS

Процентиль: 30%

0.00114

Низкий

2.1 Low

CVSS2

Связанные уязвимости

CVE-2013-1977

ubuntu

больше 12 лет назад

OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file.

CVE-2013-1977

nvd

больше 12 лет назад

OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file.

CVE-2013-1977

debian

больше 12 лет назад

OpenStack devstack uses world-readable permissions for keystone.conf, ...

GHSA-837x-g244-fmm9

github

больше 3 лет назад

OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file.

EPSS

Процентиль: 30%

0.00114

Низкий

2.1 Low

CVSS2