CVE-2016-9185 — Sensitive Information Exposure in Heat

CWE-200 — Sensitive Information Exposure9 documents7 sources

Severity

4.3MEDIUMNVD

EPSS

0.5%

top 32.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openstack Heat

Timeline

PublishedNov 4

Latest updateMay 14

Description

In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. Affected versions are =6.0.0 <=6.1.0, and ==7.0.0.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶Debianopenstack/heat< 1:7.0.0-2+3

▶NVDopenstack/heat4 versions+3

🔴Vulnerability Details

GHSA

GHSA-249h-g975-9xj2: In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network confi↗2022-05-14

▶

CVEList

CVE-2016-9185: In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network confi↗2016-11-04

▶

OSV

CVE-2016-9185: In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network confi↗2016-11-04

▶

📋Vendor Advisories

Red Hat

openstack-heat: Template source URL allows network port scan↗2016-11-03

▶

Debian

CVE-2016-9185: heat - In OpenStack Heat, by launching a new Heat stack with a local URL an authenticat...↗2016

▶

💬Community

Bugzilla

CVE-2016-9185 openstack-heat: Template source URL allows network port scan [openstack-rdo]↗2016-11-06

▶

Bugzilla

CVE-2016-9185 openstack-heat: Template source URL allows network port scan↗2016-11-04

▶

Bugzilla

CVE-2016-9185 openstack-heat: Template source URL allows network port scan [fedora-all]↗2016-11-04

▶