Search CVE reports


Toggle filters

1 – 7 of 7 results


CVE-2021-3585

Medium priority
Needs evaluation

A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.

1 affected package

tripleo-heat-templates

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tripleo-heat-templates Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-4180

Medium priority
Needs evaluation

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to...

1 affected package

tripleo-heat-templates

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tripleo-heat-templates Needs evaluation Needs evaluation
Show less packages

CVE-2018-10898

Low priority
Needs evaluation

A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.

1 affected package

tripleo-heat-templates

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tripleo-heat-templates Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2017-12155

Medium priority
Needs evaluation

A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph...

1 affected package

tripleo-heat-templates

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tripleo-heat-templates Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2017-15114

Medium priority
Needs evaluation

When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows...

1 affected package

tripleo-heat-templates

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tripleo-heat-templates Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2015-5271

Medium priority
Ignored

The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is...

1 affected package

tripleo-heat-templates

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tripleo-heat-templates Not affected Not affected
Show less packages

CVE-2015-5303

Medium priority
Vulnerable

The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of...

1 affected package

tripleo-heat-templates

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tripleo-heat-templates Not in release Not in release Not in release Not affected Vulnerable
Show less packages