// For flags

CVE-2021-4180

openstack-tripleo-heat-templates: data leak of internal URL through keystone_authtoken

Severity Score

4.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions prior to 11.6.1.

Un fallo de exposición de información en openstack-tripleo-heat-templates permite a un usuario externo detectar la IP interna o el nombre de host. Un atacante podría explotar esto al comprobar el parámetro www_authenticate_uri (que es visible para todos los usuarios finales) en los archivos de configuración. Esto daría información confidencial que podría ayudar a una explotación adicional del sistema. Este fallo afecta a versiones de openstack-tripleo-heat-templates anteriores a 11.6.1

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-12-27 CVE Reserved
  • 2022-03-23 CVE Published
  • 2023-10-14 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-668: Exposure of Resource to Wrong Sphere
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openstack
Search vendor "Openstack"
 Tripleo Heat Templates
Search vendor "Openstack" for product "Tripleo Heat Templates"
 < 11.6.1
Search vendor "Openstack" for product "Tripleo Heat Templates" and version " < 11.6.1"
-
Affected
Redhat
Search vendor "Redhat"
 Openstack
Search vendor "Redhat" for product "Openstack"
 13
Search vendor "Redhat" for product "Openstack" and version "13"
-
Affected
Redhat
Search vendor "Redhat"
 Openstack
Search vendor "Redhat" for product "Openstack"
 16.1
Search vendor "Redhat" for product "Openstack" and version "16.1"
-
Affected
Redhat
Search vendor "Redhat"
 Openstack
Search vendor "Redhat" for product "Openstack"
 16.2
Search vendor "Redhat" for product "Openstack" and version "16.2"
-
Affected