7809 matches found
CVE-2023-1636 Incomplete container isolation
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is...
CVE-2023-1636 Incomplete container isolation
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is...
CVE-2023-1636
OpenStack Barbican containers in an all‑in‑one configuration share CGROUP, USER, and NET namespaces with the host and other services, allowing a compromised service to access data transmitted to/from Barbican. The CVE-2023-1636 entry describes an information‑disclosure risk due to incomplete cont...
CVE-2023-1636
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is...
CVE-2023-1625 Information leak in api
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system...
CVE-2023-1625
CVE-2023-1625 affects OpenStack Heat. A disclosed information leak allows a remote, authenticated attacker to use the stack show command to reveal otherwise hidden parameters. Impact is described as low for confidentiality and low for other aspects, with exploitation tied to OpenStack Heat behavi...
CVE-2023-1625 Information leak in api
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system...
CVE-2023-1625
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system...
PT-2023-17135 · Openstack · Openstack-Barbican
Name of the Vulnerable Software and Affected Versions: OpenStack Barbican affected versions not specified Description: A credentials leak flaw was found in OpenStack Barbican, allowing a local authenticated attacker to read the configuration file and gain access to sensitive credentials...
PT-2023-17138 · Openstack · Openstack-Barbican
Name of the Vulnerable Software and Affected Versions: OpenStack Barbican affected versions not specified Description: A vulnerability was found in OpenStack Barbican containers, applicable only to deployments utilizing an all-in-one configuration. Barbican containers share the same CGROUP, USER,...
CVE-2022-3596
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials...
CVE-2022-3596
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials...
CVE-2022-3596
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials...
Information disclosure
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials...
CVE-2022-3596 Instack-undercloud: rsync leaks information to undercloud
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials...
CVE-2022-3596 Instack-undercloud: rsync leaks information to undercloud
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials...
CVE-2022-3596
CVE-2022-3596 affects OpenStack Platform’s undercloud (instack-undercloud) and is caused by an information disclosure where the rsync daemon can leak data to the undercloud. This unauthenticated, remote-access flaw may allow attackers to inspect sensitive data, including administrator credentials...
CVE-2022-3261
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem...
CVE-2022-3261
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem...
CVE-2022-3261
A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem...