Overview
- Description
- An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- secalert@redhat.com
- CWE-402
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C52600BF-9E87-4CD2-91F3-685AFE478C1E"
},
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:els:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DAB5A865-2253-4A36-853C-764C4060A6BD"
}
],
"operator": "OR"
}
]
}
]