Описание
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality.
A flaw was found in tripleo-ansible. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality.
Меры по смягчению последствий
This vulnerability can be resolved by manually adjusting the file permissions. Run the following command: chmod o-r /var/lib/mistral/overcloud/ansible.log
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality.
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality.
7.5 High
CVSS3