CVE-2023-1625

CVSS v3.1

7.4

High

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions OpenStack heat (affected versions not specified)

Description An information leak was discovered in OpenStack heat, allowing a remote, authenticated attacker to use the 'stack show' command to reveal parameters that are supposed to remain hidden. This issue has a low impact on the confidentiality, integrity, and availability of the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-202

Related Identifiers

CVE-2023-1625

GHSA-5836-GRCC-8J89

SUSE-SU-2023:2378-1

SUSE-SU-2023:2379-1

USN-6066-1

USN-6293-1

Affected Products

Debian

Linuxmint

Openstack Heat

Ubuntu

CVE-2023-1625

Weakness Enumeration

Related Identifiers

Affected Products

References · 32