A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.
References
Link | Resource |
---|---|
https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791988 | Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1968247 | Issue Tracking Third Party Advisory |
https://bugs.launchpad.net/tripleo/+bug/1931132 | Exploit Third Party Advisory |
https://access.redhat.com/security/cve/CVE-2021-3585 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1961709 | Issue Tracking Permissions Required |
Configurations
Information
Published : 2022-08-26 09:15
Updated : 2022-09-01 09:09
NVD link : CVE-2021-3585
Mitre link : CVE-2021-3585
JSON object : View
CWE
CWE-312
Cleartext Storage of Sensitive Information
Products Affected
openstack
- tripleo_heat_templates