Redhat: >> Openstack >> 2.0 Security Vulnerabilities
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-30
The puppet manifests in the Red Hat openstack-puppet-modules package before 2014.2.13-2 uses a default password of CHANGEME for the pcsd daemon, which allows remote attackers to execute arbitrary shell commands via unspecified vectors.
CVSS Score
10.0
EPSS Score
0.067
Published
2015-04-10