CVE-2022-3596

Summary

An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials.

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat OpenStack Platform 13.0 - ELS0:8.4.9-13.el7ost < *unaffected
Red HatRed Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS0:8.4.9-13.el7ost < *unaffected

Weaknesses

  • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak')

Workarounds

The rsync daemon is no longer needed and can be manually disabled by running the following commands on the undercloud:

sudo rm /etc/xinetd.d/rsync /etc/rsyncd.conf 
sudo systemctl restart xinetd

However, this will be reverted if the undercloud gets updated.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References