Vulnerability Details CVE-2016-4474
The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) use a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 3.3
References
- http://rhn.redhat.com/errata/RHSA-2016-1222.html
- https://access.redhat.com/security/vulnerabilities/2359821
- https://rhn.redhat.com/errata/RHSA-2016-1223.html
- http://rhn.redhat.com/errata/RHSA-2016-1222.html
- https://access.redhat.com/security/vulnerabilities/2359821
- https://rhn.redhat.com/errata/RHSA-2016-1223.html