Lucene search

K
prionPRIOn knowledge basePRION:CVE-2022-3146
HistoryMar 23, 2023 - 9:15 p.m.

Default configuration

2023-03-2321:15:00
PRIOn knowledge base
www.prio-n.com
5
tripleo-ansible
insecure configuration
local attacker
sensitive file
information disclosure
openstack deployment

5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.0%

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment.

5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.0%