CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
Percentile
48.3%
The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | horizon | < 3:23.0.0-5+deb12u1 | horizon_3:23.0.0-5+deb12u1_all.deb |
Debian | 11 | all | horizon | < 3:18.6.2-5+deb11u2 | horizon_3:18.6.2-5+deb11u2_all.deb |
Debian | 999 | all | horizon | < 3:24.0.0-2 | horizon_3:24.0.0-2_all.deb |
Debian | 13 | all | horizon | < 3:24.0.0-2 | horizon_3:24.0.0-2_all.deb |