In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure.
Advisories
Source ID Title
EUVD EUVD EUVD-2019-0099 In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure.
Github GHSA Github GHSA GHSA-qcj3-h27m-mp9x Openstack Octavia allows Insertion of Sensitive Information into Log File
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-05T10:32:54.143Z

Reserved: 2018-09-11T00:00:00

Link: CVE-2018-16856

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-03-26T18:29:00.357

Modified: 2024-11-21T03:53:27.430

Link: CVE-2018-16856

cve-icon Redhat

Severity : Moderate

Publid Date: 2018-09-26T00:00:00Z

Links: CVE-2018-16856 - Bugzilla

cve-icon OpenCVE Enrichment

No data.