Lucene search
Veracode Vulnerability DatabaseVERACODE:5653HistoryJan 05, 2018 - 1:45 a.m.
World Readable Data
2018-01-0501:45:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.0004 Low
EPSS
Percentile
5.1%
tripleo-heat-templates contains a world readable data vulnerability. The library does not set the proper permissions during the creation of the ceph.client.openstack.keyring, allowing a local user to access the keyring to read or modify data. This vulnerability only affects setups with openstack deployed on ceph servers.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tripleo-heat-templates | le | 8.0.0.0b1 |
Related
github
github
Openstack tripleo-heat-templates unauthenticated file access
2022-05-13 01:42:38
prion
prion
Code injection
2017-12-12 20:29:00
osv
osv
Openstack tripleo-heat-templates unauthenticated file access
2022-05-13 01:42:38
cve
cve
CVE-2017-12155
2017-12-12 20:29:00
cvelist
cvelist
CVE-2017-12155
2017-09-20 00:00:00
redhat
redhat
nvd
nvd
CVE-2017-12155
2017-12-12 20:29:00
ubuntucve
ubuntucve
CVE-2017-12155
2017-12-12 00:00:00
veracode
veracode
World Readable Data
2019-01-15 09:21:12
redhatcve
redhatcve
CVE-2017-12155
2017-09-19 22:18:35
nessus
nessus
RHEL 7 : Red Hat OpenStack Platform director (RHSA-2018:1593)
2024-04-27 00:00:00
RHEL 7 : Red Hat OpenStack Platform director (RHSA-2018:1627)
2024-04-27 00:00:00