An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2022:8897 | Vendor Advisory |
https://access.redhat.com/security/cve/CVE-2022-3596 | Mitigation Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2136596 | Issue Tracking Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
22 Sep 2023, 18:47
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:els:*:*:* |
|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://access.redhat.com/security/cve/CVE-2022-3596 - Mitigation, Vendor Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2136596 - Issue Tracking, Vendor Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2022:8897 - Vendor Advisory | |
First Time |
Redhat openstack Platform
Redhat |
20 Sep 2023, 20:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-20 20:15
Updated : 2023-12-10 15:14
NVD link : CVE-2022-3596
Mitre link : CVE-2022-3596
CVE.ORG link : CVE-2022-3596
JSON object : View
Products Affected
redhat
- openstack_platform
CWE