CyberSec.Space Logo
Back to CVE Browser

CVE-2018-16856

MEDIUM
5.5
CVSS Severity Score
EPSS Score0.0070%
EPSS Percentile4.98th
PublishedMar 26, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure.

Affected Platforms (CPE)

πŸ“¦
Openstack

Octavia

>= 2.0.0 and < 2.0.2-5
πŸ“¦
Openstack

Octavia

>= 3.0.0 and < 3.0.1-0.20181009115732
πŸ“¦
Redhat

Openstack

= 12
πŸ“¦
Redhat

Openstack

= 13
πŸ“¦
Redhat

Openstack

= 14

References & Advisories

πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856

Related Vulnerabilities

CVE-2019-171349.1

Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management ne...

CVE-2019-38958.0

An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Dire...

CVE-2018-261110.0

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Service...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...