4 matches found
CVE-2022-3596
CVE-2022-3596 affects OpenStack Platform’s undercloud (instack-undercloud) and is caused by an information disclosure where the rsync daemon can leak data to the undercloud. This unauthenticated, remote-access flaw may allow attackers to inspect sensitive data, including administrator credentials...
RHEL 7 : Red Hat OpenStack Platform 13.0 (instack-undercloud) (RHSA-2022:8897)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:8897 advisory. Installation tools to install an undercloud via instack Security Fixes: instack-undercloud: rsync leaks information to undercloud CVE-2022-3596 For...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 13.0 (instack-undercloud) security update
An update for instack-undercloud is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2022-3596
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials. Mitigation Th...