CVE-2012-5476

Published: Dec 30, 2019Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.

Affected (4)

Products: Openstack: Horizon · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Openstack Horizon	Version 2012.2

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

https://access.redhat.com/security/cve/cve-2012-5476

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5476

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

https://security-tracker.debian.org/tracker/CVE-2012-5476

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/security/cve/cve-2012-5476

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5476

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://security-tracker.debian.org/tracker/CVE-2012-5476

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.