CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-16856

MEDIUM
5.5
CVSS Severity Score
EPSS Score0.0070%
EPSS Percentile4.98th
Published2019年3月26日
Last Modified2024年11月21日

Vulnerability Description

In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure.

Affected Platforms (CPE)

📦
Openstack

Octavia

>= 2.0.0 and < 2.0.2-5
📦
Openstack

Octavia

>= 3.0.0 and < 3.0.1-0.20181009115732
📦
Redhat

Openstack

= 12
📦
Redhat

Openstack

= 13
📦
Redhat

Openstack

= 14

References & Advisories

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856

相关漏洞威胁

CVE-2019-171349.1

Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management ne...

CVE-2019-38958.0

An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Dire...

CVE-2018-261110.0

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Service...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...