CVE-2021-4180
N/A
N/A
Summary
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions prior to 11.6.1.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | openstack-tripleo-heat-templates | openstack-tripleo-heat-templates versions prior to 11.6.1 | affected |
Weaknesses
- CWE-200: CWE-200
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.