Описание
OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).
OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 10 (Newton) | opendaylight | Not affected | ||
| Red Hat OpenStack Platform 11 (Ocata) | opendaylight | Will not fix | ||
| Red Hat OpenStack Platform 12 (Pike) | opendaylight | Will not fix | ||
| Red Hat OpenStack Platform 13 (Queens) | opendaylight | Affected | ||
| Red Hat OpenStack Platform 8 (Liberty) | opendaylight | Not affected | ||
| Red Hat OpenStack Platform 9 (Mitaka) | opendaylight | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-285
https://bugzilla.redhat.com/show_bug.cgi?id=1530424opendaylight: Previous password continues to work after password change
EPSS
Процентиль: 45%
0.00228
Низкий
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
около 8 лет назад
OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. via restart).
CVSS3: 7.5
github
больше 3 лет назад
Password change doesn't result in Karaf clearing cache
EPSS
Процентиль: 45%
0.00228
Низкий
7.5 High
CVSS3