Lucene search
RedhatCVELIST:CVE-2022-3146HistoryMar 23, 2023 - 12:00 a.m.
CVE-2022-3146
2023-03-2300:00:00
CWE-22
redhat
www.cve.org
tripleo-ansible
insecure configuration
local attacker
brute force
sensitive file access
information disclosure
openstack deployment
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment.
CNA Affected
[
{
"vendor": "n/a",
"product": "tripleo-ansible",
"versions": [
{
"version": "unkown",
"status": "affected"
}
]
}
]Related
github
github
osv
osv
redhatcve
redhatcve
CVE-2022-3146
2022-09-07 03:36:55
prion
prion
Default configuration
2023-03-23 21:15:00
nvd
nvd
CVE-2022-3146
2023-03-23 21:15:19
veracode
veracode
Information Disclosure
2022-11-10 00:13:04
cve
cve
CVE-2022-3146
2023-03-23 21:15:19
redhat
redhat
nessus
nessus
RHEL 8 : Red Hat OpenStack Platform (tripleo-ansible) (RHSA-2022:6969)
2022-10-17 00:00:00