Redhat: >> Openstack Essex Security Vulnerabilities
openstack-utils openstack-db has insecure password creation
CVSS Score
7.5
EPSS Score
0.003
Published
2019-12-10
A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system modifications.
CVSS Score
6.1
EPSS Score
0.001
Published
2013-04-10
Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files.
CVSS Score
2.1
EPSS Score
0.0
Published
2013-04-10