CVE-2024-4840

Summary

An flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs.

Affected Software

VendorProductVersion RangeStatus
14.3.1-17.1.20240528170747.e7c7ce3.el9ostunaffected
Red HatRed Hat OpenStack Platform 17.1 for RHEL 90:14.3.1-17.1.20240919130756.el9ost < *unaffected

Weaknesses

  • CWE-312: Cleartext Storage of Sensitive Information

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References