Information Exposure Vulnerability in OpenStack Mistral Undercloud Logs
CVE-2019-3866

5.9MEDIUM

Key Information:

Vendor: [unknown]
Status: Openstack-mistral
Vendor: CVE Published:; 8 November 2019

What is CVE-2019-3866?

An information exposure vulnerability has emerged in OpenStack Mistral due to the undercloud log files being world-readable. This flaw allows malicious users on the same system to access sensitive user information stored in plaintext within these logs. Protecting these logs is critical to maintaining the confidentiality of user data and preventing unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

openstack-mistral

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3866

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Nov 8, 2019
Vulnerability Reserved
Jan 3, 2019

JSON

[unknown]