exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2017-12155

около 8 лет назад

A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.

CVSS3: 6.3

EPSS: Низкий

CVE-2017-12155

больше 8 лет назад

A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.

CVSS3: 8.4

EPSS: Низкий

CVE-2017-12155

около 8 лет назад

A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.

CVSS3: 6.3

EPSS: Низкий

CVE-2017-12155

около 8 лет назад

A resource-permission flaw was found in the openstack-tripleo-heat-tem ...

CVSS3: 6.3

EPSS: Низкий

GHSA-w8gx-hhcx-px6w

больше 3 лет назад

Openstack tripleo-heat-templates unauthenticated file access

CVSS3: 6.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-12155 A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.	CVSS3: 6.3	0% Низкий	около 8 лет назад
CVE-2017-12155 A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.	CVSS3: 8.4	0% Низкий	больше 8 лет назад
CVE-2017-12155 A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.	CVSS3: 6.3	0% Низкий	около 8 лет назад
CVE-2017-12155 A resource-permission flaw was found in the openstack-tripleo-heat-tem ...	CVSS3: 6.3	0% Низкий	около 8 лет назад
GHSA-w8gx-hhcx-px6w Openstack tripleo-heat-templates unauthenticated file access	CVSS3: 6.3	0% Низкий	больше 3 лет назад

Уязвимостей на страницу