Openstack Essex CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2013-1815	1 Redhat	4 Openstack, Openstack Essex, Openstack Folsom and 1 more	2026-04-30	6.1 Medium
A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system modifications.
CVE-2012-6120	1 Redhat	3 Openstack, Openstack Essex, Openstack Folsom	2025-04-11	N/A
Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files.
CVE-2013-1793	1 Redhat	2 Openstack, Openstack Essex	2024-11-21	7.5 High
openstack-utils openstack-db has insecure password creation

Page 1 of 1.