Описание
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 13 (Queens) | openstack-barbican | Out of support scope | ||
| Red Hat OpenStack Platform 16.1 | openstack-barbican | Will not fix | ||
| Red Hat OpenStack Platform 17.0 | openstack-barbican | Out of support scope | ||
| Red Hat OpenStack Platform 16.2 | openstack-barbican | Fixed | RHSA-2023:6231 | 08.11.2023 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=2181761openstack-barbican: Insecure Barbican configuration file leaking credential
6.6 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.6
ubuntu
больше 2 лет назад
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials.
CVSS3: 6.6
nvd
больше 2 лет назад
A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials.
CVSS3: 6.6
debian
больше 2 лет назад
A credentials leak flaw was found in OpenStack Barbican. This flaw all ...
6.6 Medium
CVSS3