CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

openstack

tripleo_heat_templates

3 known vulnerabilities · sorted by CVSS score

CVE-2018-10898

HIGH8.8

A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.

redhat / openstack+1

Adjacent

Published Jul 30, 2018

CVE-2021-3585

MEDIUM5.5

A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.

openstack / tripleo_heat_templates

Local

Published Aug 26, 2022

CVE-2021-4180

MEDIUM4.3

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions prior to 11.6.1.

openstack / tripleo_heat_templates+3

Network

Published Mar 23, 2022