CVE-2023-1625

Medium

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show'…

redhat·CWE-202·Published 2023-09-24

CVSS

5.0

EPSS

0.01

KEV

Exploits

cve.orgen

288 chars

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.

NVDen

288 chars

OSV.deven

288 chars

GHSAen

288 chars

NVDes

310 chars

Se descubrió una fuga de información en OpenStack Heat. Este problema podría permitir que un atacante remoto y autenticado utilice el comando 'stack show' para revelar parámetros que se supone deben permanecer ocultos. Esto tiene un impacto bajo en la confidencialidad, integridad y disponibilidad del sistema.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.4	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
3.1	Primary	cve.org	7.4	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
3.1	Primary	NVD	5.0	3.1	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
3.1	Secondary	NVD	7.4	3.1	3.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
3.1	Secondary	GHSA	7.4	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L