CVE-2024-7319
published 2024-08-02CVE-2024-7319: An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command…
medium5CVSS 3.1
AVNACLPRLUINSCCLINAN
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | heat | — | — |
| redhat | openstack_platform | — | — |
| redhat | openstack_platform | — | — |
| redhat | openstack_platform | — | — |
| redhat | openstack_platform | — | — |
CVSS provenance
nvdv3.15.0MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
ghsa5.0MEDIUM
osv5.0MEDIUM