CVE-2018-16856
published 2019-03-26CVE-2018-16856: In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and…
high7.5CVSS 3.0
AVNACLPRNUINSUCHINAN
In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | octavia | — | — |
| openstack | octavia | >= 0 < 2.0.3 | 2.0.3 |
| openstack | octavia | >= 0 < 2.1.0 | 2.1.0 |
| openstack | octavia | >= 2.0.0 < 2.0.2-5 | 2.0.2-5 |
| openstack | octavia | >= 3.0.0 < 3.0.1-0.20181009115732 | 3.0.1-0.20181009115732 |
| openstack | octavia | >= 3.0.0 < 3.0.2 | 3.0.2 |
| openstack | octavia | >= 3.0.0.0b1 < 3.1.0 | 3.1.0 |
| redhat | openstack | — | — |
| redhat | openstack | — | — |
| redhat | openstack | — | — |