CVE-2021-3563

A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity...

CVE-2021-3563

CVE-2021-3563 affects OpenStack Keystone. The issue stems from keystone only validating the first 72 characters of an application secret, enabling bypass of some password complexity checks and affecting confidentiality and integrity. The vulnerability is listed across multiple advisories (e.g., D...

CVE-2021-3585

CVE-2021-3585 affects openstack-tripleo-heat-templates. The issue is that plain passwords from RHSM are logged during OSP13 deployment with subscription-manager, exposing sensitive credentials locally. CVSS-3.1 base score 5.5 (Medium) with Local attack vector, low complexity, and confidentiality ...

CVE-2021-3585

A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager...

CVE-2021-3563

A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity...

Red Hat OpenStack Platform 安全漏洞

Red Hat OpenStack Platform is a cloud computing management platform from the US-based Red Hat, Inc. Red Hat OpenStack Platform suffers from a security vulnerability that stems from the fact that it only validates the first 72 characters of an application key allowing an attacker to bypass some of...

PT-2022-10474 · Openstack · Openstack-Tripleo-Heat-Templates

Name of the Vulnerable Software and Affected Versions: openstack-tripleo-heat-templates affected versions not specified Description: A flaw was found in openstack-tripleo-heat-templates where plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager...

PT-2022-10472

Name of the Vulnerable Software and Affected Versions openstack-keystone affected versions not specified Description A flaw was found in openstack-keystone, where only the first 72 characters of an application secret are verified. This allows attackers to bypass some password complexity that...

openstack-tripleo-heat-templates 安全漏洞

openstack-tripleo-heat-templates is a set of templates and tools for building Heat templates for OpenStack deployment. A security vulnerability exists in openstack-tripleo-heat-templates that stems from the presence of plain passwords from RHSM in its logs during the deployment of OSP13 using...

SUSE: Security Advisory (SUSE-SU-2022:2899-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2898-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2846-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2819-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:2811-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

RHEL 8 : Red Hat OpenStack Platform 16.1 (collectd-libpod-stats) (RHSA-2022:6065)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6065 advisory. Collectd plugin for gathering resource usage statistics from containers created with the libpod library. Security Fixes: golang: compress/gzip: stack...

RHEL 8 : Red Hat OpenStack Platform 16.2 (collectd-libpod-stats) (RHSA-2022:6062)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6062 advisory. Collectd plugin for gathering resource usage statistics from containers created with the libpod library. Security Fixes: golang: compress/gzip: stack...