← Back

Tripleo Common

tripleo-common

Vendor: Openstack • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-2627
2Openstack
Redhat
2Openstack
Tripleo Common
Nov 21, 2024
Aug 22, 2018
N/A· v4
8.2 HIGH· v3
7.2 HIGH· v2
A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several l...Show more
A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistral user that have wildcards that allow directory traversal with '..' and it grants full passwordless root access to the validations user.Show less