漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Red Hat OpenStack Platform 安全漏洞
Vulnerability Description
Red Hat OpenStack Platform是美国红帽(Red Hat)公司的一个云计算管理平台。 Red Hat OpenStack Platform 16.1版本和16.2版本存在安全漏洞,该漏洞源于在Tripleo-ansible不安全的默认配置,敏感文件的权限没有得到充分限制,允许本地攻击者使用暴力破解相关目录并发现文件,从而导致部署中重要配置细节的信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A