Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

openstack_essex

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2013-1793
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.38%
||
7 Day CHG~0.00%
Published-10 Dec, 2019 | 13:17
Updated-06 Aug, 2024 | 15:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

openstack-utils openstack-db has insecure password creation

Action-Not Available
Vendor-openstack-utilsRed Hat, Inc.
Product-openstackopenstack_essexopenstack-db program
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2012-6120
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.10% / 27.08%
||
7 Day CHG~0.00%
Published-10 Apr, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-openstack_essexopenstack_folsomn/a
CVE-2013-1815
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.06% / 18.34%
||
7 Day CHG~0.00%
Published-10 Apr, 2013 | 15:00
Updated-30 Apr, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Packstack: red hat openstack: packstack: unauthorized system modification via insecure answer file creation

A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system modifications.

Action-Not Available
Vendor-Red Hat, Inc.
Product-packstackopenstack_essexopenstack_folsomRed Hat OpenStack Platform 4Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)
CWE ID-CWE-379
Creation of Temporary File in Directory with Insecure Permissions