CVE-2022-3596

high

Description

An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2136596

https://access.redhat.com/security/cve/CVE-2022-3596

https://access.redhat.com/errata/RHSA-2022:8897

Details

Source: Mitre, NVD

Published: 2023-09-20

Updated: 2024-05-03

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High