A vulnerability was found in openstack-tripleo-heat... · CVE-2018-10898 · GitHub Advisory Database · GitHub

A vulnerability was found in openstack-tripleo-heat...

High severity Unreviewed Published May 13, 2022 to the GitHub Advisory Database • Updated Feb 1, 2023

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.

References

Published by the National Vulnerability Database

Jul 30, 2018

Published to the GitHub Advisory Database May 13, 2022

Last updated Feb 1, 2023

Severity

High

/ 10

CVSS v3 base metrics

Attack vector

Adjacent

Attack complexity

Low

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H