CVE-2023-1633

Insecure barbican configuration file leaking credential

CVSS 6.6 MEDIUMEPSS 0.2%CWE-200

A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Produtos afetados

n/a · openstack-barbican RDO · OpenStack RDO Red Hat · Red Hat OpenStack Platform 13 (Queens)Red Hat · Red Hat OpenStack Platform 16.1 Red Hat · Red Hat OpenStack Platform 16.2 Red Hat · Red Hat OpenStack Platform 17.0

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://access.redhat.com/security/cve/CVE-2023-1633 https://bugzilla.redhat.com/show_bug.cgi?id=2181761