A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2022-3101 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2023-03-23T00:00:00
Updated: 2023-03-23T00:00:00
Reserved: 2022-09-02T00:00:00
Link: CVE-2022-3101
JSON object: View
NVD Information
Status : Modified
Published: 2023-03-23T21:15:18.880
Modified: 2023-11-07T03:50:47.407
Link: CVE-2022-3101
JSON object: View
Redhat Information
No data.