5 matches found
RHEL 8 : Red Hat OpenStack Platform 16.2 (openstack-tripleo-heat-templates) (RHSA-2022:0995)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:0995 advisory. Heat templates for TripleO Security Fixes: Data leak of internal URL through keystoneauthtoken CVE-2021-4180 For more details about the security...
CVE-2021-4180
creationtimestamp| type| source ---|---|--- 2022-03-23 23:29:10+00:00| seen| https://t.me/cibsecurity/39451...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (openstack-tripleo-heat-templates) security update
An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2021-4180
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the wwwauthenticateuri parameter which is visible to all end users in configuration files. This would give sensitive...
CVE-2021-4180
The CVE affects openstack-tripleo-heat-templates (older than 11.6.1). The underlying issue is an information exposure: an external user can discover internal IP addresses or hostnames by inspecting the www_authenticate_uri parameter in configuration files. This data leakage is specifically tied t...