tripleo-heat-templates contains a world readable data vulnerability. The library does not set the proper permissions during the creation of the ceph.client.openstack.keyring
, allowing a local user to access the keyring to read or modify data. This vulnerability only affects setups with openstack deployed on ceph servers.
CPE | Name | Operator | Version |
---|---|---|---|
tripleo-heat-templates | le | 8.0.0.0b1 |