7811 matches found

OSV
added 2023/03/23 9:30 p.m. | 16 views

GHSA-7X96-2W32-W3GW tripleo-ansible may disclose important configuration details from an OpenStack deployment

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of...

CVSS 5.5 | AI score 5.2 | EPSS 0.00201
Exploits 0 | References 3
OSV
added 2023/03/23 9:15 p.m. | 5 views

CVE-2022-3146

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information...

CVSS 5.5 | AI score 5.7 | EPSS 0.002
Exploits 0 | References 1
NVD
added 2023/03/23 9:15 p.m. | 40 views

CVE-2022-3146

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information...

CVSS 5.5 | AI score 5 | EPSS 0.002
Exploits 0 | References 1
NVD
added 2023/03/23 9:15 p.m. | 34 views

CVE-2022-3101

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of...

CVSS 5.5 | AI score 5.1 | EPSS 0.00201
Exploits 0 | References 1
Prion
added 2023/03/23 9:15 p.m. | 24 views

Default configuration

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information...

CVSS 1.7 | AI score 5 | EPSS 0.002
Exploits 0 | References 1 | Affected Software 2
Prion
added 2023/03/23 9:15 p.m. | 25 views

Default configuration

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of...

CVSS 1.7 | AI score 5 | EPSS 0.00201
Exploits 0 | References 1 | Affected Software 2
Positive Technologies
added 2023/03/23 12:0 a.m. | 4 views

PT-2023-13026 · Unknown · Tripleo-Ansible

Name of the Vulnerable Software and Affected Versions: tripleo-ansible affected versions not specified
Description: A flaw in the default configuration of tripleo-ansible allows a local attacker to potentially disclose important configuration details from an OpenStack deployment through brute for...

CVSS 5.5 | AI score 5.3 | EPSS 0.00201
Exploits 0 | References 4
Vulnrichment
added 2023/03/23 12:0 a.m. | 6 views

CVE-2022-3101

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of...

AI score 5.1 | EPSS 0.00201
Exploits 0 | References 1
Cvelist
added 2023/03/23 12:0 a.m. | 35 views

CVE-2022-3101

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of...

AI score 5.3 | EPSS 0.00201
Exploits 0 | References 1
CVE
added 2023/03/23 12:0 a.m. | 105 views

CVE-2022-3146

CVE-2022-3146 is described in public advisories as a vulnerability in Red Hat OpenStack Platform (tripleo-ansible) where an insecure default configuration leaves a sensitive file with insufficient permissions. This can allow a local attacker to brute-force the relevant directory and discover the ...

CVSS 5.5 | AI score 4.9 | EPSS 0.002
Exploits 0 | References 1 | Affected Software 3
Cvelist
added 2023/03/23 12:0 a.m. | 43 views

CVE-2022-3146

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information...

AI score 5.3 | EPSS 0.002
Exploits 0 | References 1
Vulnrichment
added 2023/03/23 12:0 a.m. | 6 views

CVE-2022-3146

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information...

AI score 5.1 | EPSS 0.002
Exploits 0 | References 1
CVE
added 2023/03/23 12:0 a.m. | 100 views

CVE-2022-3101

The CVE-2022-3101 entry affects tripleo-ansible, where an insecure default configuration leaves a sensitive file with insufficient permissions. This enables a local attacker to brute-force the relevant directory to discover the file, leading to disclosure of important OpenStack deployment configu...

CVSS 5.5 | AI score 4.9 | EPSS 0.00201
Exploits 0 | References 1 | Affected Software 3
SUSE CVE
added 2023/03/22 4:9 a.m. | 2 views

SUSE CVE-2022-47951

An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, a...

CVSS 8.8 | AI score 8.6 | EPSS 0.01025
Exploits 1 | References 5
OSV
added 2023/03/21 12:25 p.m. | 6 views

SUSE-SU-2023:0844-1 Security update for openstack-cinder, openstack-glance, openstack-neutron-gbp, openstack-nova, python-oslo.utils

This update for openstack-cinder, openstack-glance, openstack-neutron-gbp, openstack-nova, python-oslo.utils contains the following fixes: Security fixes included on this update: openstack-cinder, openstack-glance, openstack-nova: - CVE-2022-47951: Fixed file access control through custom VMDK fl...

CVSS 5.7 | AI score 5.9 | EPSS 0.01025
Exploits 1 | References 3
RedHat Linux
added 2023/03/15 7:59 p.m. | 112 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform (openstack-nova) security update

An update for openstack-nova is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 5.7 | AI score 6.7 | EPSS 0.01025
Exploits 1 | References 2
RedHat Linux
added 2023/03/15 7:58 p.m. | 38 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform (python-werkzeug) security update

An update for python-werkzeug is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

CVSS 7.5 | AI score 6.8 | EPSS 0.0142
Exploits 0 | References 2
RedHat Linux
added 2023/03/15 7:58 p.m. | 2 views

openstack: Arbitrary file access through custom VMDK flat descriptor

A flaw was found in OpenStack-nova, Openstack-glance, and Openstack-cinder. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized...

CVSS 5.7 | AI score 7.3 | EPSS 0.01025
Exploits 1 | References 5
RedHat Linux
added 2023/03/15 7:58 p.m. | 42 views

Important: Red Hat Security Advisory: Synopsis: Red Hat OpenStack Platform (openstack-cinder) security update

An update for openstack-cinder is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

CVSS 5.7 | AI score 6.8 | EPSS 0.01025
Exploits 1 | References 2
RedHat Linux
added 2023/03/15 7:58 p.m. | 33 views

Important: Red Hat Security Advisory: Synopsis: Red Hat OpenStack Platform (openstack-glance) security update

An update for openstack-glance is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

CVSS 5.7 | AI score 6.8 | EPSS 0.01025
Exploits 1 | References 2