Vulnerabilities (CVE)

Filtered by vendor Openstack Subscribe
Filtered by product Tripleo Ansible
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3146 2 Openstack, Redhat 3 Tripleo Ansible, Openstack, Openstack For Ibm Power 2024-11-21 N/A 5.5 MEDIUM
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment.
CVE-2022-3101 2 Openstack, Redhat 3 Tripleo Ansible, Openstack, Openstack For Ibm Power 2024-11-21 N/A 5.5 MEDIUM
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.