Lucene search
PRIOn knowledge basePRION:CVE-2022-3146HistoryMar 23, 2023 - 9:15 p.m.
Default configuration
2023-03-2321:15:00
PRIOn knowledge base
www.prio-n.com
5
tripleo-ansible
insecure configuration
local attacker
sensitive file
information disclosure
openstack deployment
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openstack | eq | 16.1 | |
| openstack | eq | 16.2 | |
| openstack_for_ibm_power | eq | 16.1 | |
| openstack_for_ibm_power | eq | 16.2 |
Related
osv
osv
github
github
nvd
nvd
CVE-2022-3146
2023-03-23 21:15:19
veracode
veracode
Information Disclosure
2022-11-10 00:13:04
cve
cve
CVE-2022-3146
2023-03-23 21:15:19
redhatcve
redhatcve
CVE-2022-3146
2022-09-07 03:36:55
cvelist
cvelist
CVE-2022-3146
2023-03-23 00:00:00
redhat
redhat
nessus
nessus
RHEL 8 : Red Hat OpenStack Platform (tripleo-ansible) (RHSA-2022:6969)
2022-10-17 00:00:00