CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2016-4474

HIGH
8.8
CVSS Severity Score
EPSS Score0.0650%
EPSS Percentile39.47th
Published2016年6月30日
Last Modified2026年5月6日

Vulnerability Description

The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors.

Affected Platforms (CPE)

📦
Redhat

Openstack

= 7.0
📦
Redhat

Openstack

= 8

References & Advisories

🔗 http://rhn.redhat.com/errata/RHSA-2016-1222.html
🔗 https://access.redhat.com/security/vulnerabilities/2359821
🔗 https://rhn.redhat.com/errata/RHSA-2016-1223.html
🔗 http://rhn.redhat.com/errata/RHSA-2016-1222.html
🔗 https://access.redhat.com/security/vulnerabilities/2359821
🔗 https://rhn.redhat.com/errata/RHSA-2016-1223.html

相關漏洞威脅

CVE-2015-184210.0

The puppet manifests in the Red Hat openstack-puppet-modules package before 2014.2.13-2 uses a default password of CHANGEME for th...

CVE-2020-269439.9

An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0. A user allowed to access the Blazar dashboar...

CVE-2020-107319.9

A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabl...

CVE-2017-26379.9

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. L...