Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:37856
HistoryNov 10, 2022 - 12:13 a.m.

Information Disclosure

2022-11-1000:13:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
information disclosure
local attacker
brute force
sensitive files
software
permissions

0.0005 Low

EPSS

Percentile

16.0%

tripleo-ansible is vulnerable to information disclosure. A local attacker is able to use brute force to explore important configuration details due to insecure default configurations which allows an attacker to restrict the permissions of the sensitive files.

0.0005 Low

EPSS

Percentile

16.0%