2 results (0.002 seconds)

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment. • https://access.redhat.com/security/cve/CVE-2022-3146 https://bugzilla.redhat.com/show_bug.cgi?id=2124721 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-276: Incorrect Default Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment. • https://access.redhat.com/security/cve/CVE-2022-3101 https://bugzilla.redhat.com/show_bug.cgi?id=2123870 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-276: Incorrect Default Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •