Описание
puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions.
An information-disclosure flaw was discovered in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | openstack-puppet-modules | Not affected | ||
| Red Hat OpenStack Platform 11 (Ocata) | puppet-swift | Not affected | ||
| Red Hat OpenStack Platform 10.0 (Newton) | puppet-swift | Fixed | RHSA-2017:0200 | 26.01.2017 |
| Red Hat OpenStack Platform 8.0 (Liberty) | openstack-puppet-modules | Fixed | RHSA-2017:0361 | 01.03.2017 |
| Red Hat OpenStack Platform 9.0 (Mitaka) | openstack-puppet-modules | Fixed | RHSA-2017:0359 | 01.03.2017 |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions.
puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions.
puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an informat ...
puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions.
6.5 Medium
CVSS3