CyberSec.Space Logo
CVEブラウザに戻る

CVE-2015-1842

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0610%
EPSS Percentile17.97th
Published2015年4月10日
Last Modified2026年5月6日

Vulnerability Description

The puppet manifests in the Red Hat openstack-puppet-modules package before 2014.2.13-2 uses a default password of CHANGEME for the pcsd daemon, which allows remote attackers to execute arbitrary shell commands via unspecified vectors.

Affected Platforms (CPE)

📦
Redhat

Openstack

<= 6.0

References & Advisories

🔗 http://rhn.redhat.com/errata/RHSA-2015-0789.html
🔗 http://rhn.redhat.com/errata/RHSA-2015-0791.html
🔗 http://rhn.redhat.com/errata/RHSA-2015-0830.html
🔗 http://rhn.redhat.com/errata/RHSA-2015-0831.html
🔗 http://rhn.redhat.com/errata/RHSA-2015-0832.html
🔗 http://www.securityfocus.com/bid/74049
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1201875
🔗 http://rhn.redhat.com/errata/RHSA-2015-0789.html

関連する脆弱性情報

CVE-2017-26379.9

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. L...

CVE-2020-269439.9

An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0. A user allowed to access the Blazar dashboar...

CVE-2020-107319.9

A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabl...

CVE-2012-44069.8

OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loadin...