CVE-2022-3261

CWE-256CWE-319Cleartext Transmission5 documents5 sources
Severity
7.5HIGH
EPSS
0.0%
top 86.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Openstack Platform
Timeline
PublishedSep 15

Description

A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-95f8-wgwf-v4mc: A flaw was found in OpenStack2023-09-15
OSV
CVE-2022-3261: A flaw was found in OpenStack2023-09-15
CVEList
Plain-text passwords saved in /var/log/messages2023-09-15

📋Vendor Advisories

1
Red Hat
openstack: plain-text passwords saved in /var/log/messages2022-11-18
CVE-2022-3261 (HIGH CVSS 7.5) | A flaw was found in OpenStack | cvebase.io