A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2023-0934 | A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment. |
![]() |
GHSA-7x96-2w32-w3gw | tripleo-ansible may disclose important configuration details from an OpenStack deployment |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 25 Feb 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-02-25T15:42:13.130Z
Reserved: 2022-09-02T00:00:00.000Z
Link: CVE-2022-3101

Updated: 2024-08-03T01:00:10.848Z

Status : Modified
Published: 2023-03-23T21:15:18.880
Modified: 2024-11-21T07:18:49.813
Link: CVE-2022-3101


No data.