OpenStack TripleO Heat Templates 0.7.8

CPE Details

OpenStack TripleO Heat Templates 0.7.8
openstack
tripleo_heat_templates
0.7.8
2019-09-17
13h27 +00:00
2019-09-17
13h27 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openstack:tripleo_heat_templates:0.7.8:*:*:*:*:*:*:*

Informations

Vendor

openstack

Product

tripleo_heat_templates

Version

0.7.8

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-3585 2022-08-26 13h25 +00:00 A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.
5.5
Medium
CVE-2021-4180 2022-03-23 18h46 +00:00 An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions prior to 11.6.1.
4.3
Medium
CVE-2018-10898 2018-07-30 14h00 +00:00 A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.
8.8
High
CVE-2015-5303 2016-04-11 19h00 +00:00 The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of the NeutronMetadataProxySharedSecret parameter.
7.5
High