CVE-2023-6725
published 2024-03-15CVE-2023-6725: An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | designate | — | — |
| redhat | openstack_platform | — | — |