Lucene search

RedhatVULNRICHMENT:CVE-2022-3261

HistorySep 15, 2023 - 8:20 p.m.

CVE-2022-3261 Plain-text passwords saved in /var/log/messages

2023-09-1520:20:18

CWE-256

redhat

github.com

openstack

passwords

sensitive information

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem.

References

access.redhat.com/security/cve/CVE-2022-3261

bugzilla.redhat.com/show_bug.cgi?id=2128834

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2022-3261