Описание
The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 5.2.0-1 |
| cosmic | DNE | |
| devel | DNE | |
| esm-apps/bionic | not-affected | 5.2.0-1 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | DNE |
Показывать по
Ссылки на источники
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors.
The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors.
The TripleO Heat templates (tripleo-heat-templates) do not properly or ...
TripleO Heat templates might allow remote attackers to obtain sensitive information from private containers
5 Medium
CVSS2
7.5 High
CVSS3