Описание
An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| mantic | not-affected | code not present |
| noble | not-affected | code not present |
| upstream | not-affected | code not present |
Показывать по
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information.
An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information.
An access-control flaw was found in the OpenStack Designate component ...
An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information.
Уязвимость службы управления системой доменных имен Designate платформы для построения облачных решений OpenStack Platform, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
5.5 Medium
CVSS3