Unknown · Tripleo-Ansible · CVE-2022-3146
**Name of the Vulnerable Software and Affected Versions**
tripleo-ansible (affected versions not specified)
**Description**
A flaw in the default configuration of tripleo-ansible causes insufficient restriction of permissions for a sensitive file. This allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important OpenStack deployment configuration details.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.