CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment. | 5.5 |
Medium |
||
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment. | 5.5 |
Medium |
||
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. | 5.9 |
Medium |