Local File Inclusion Vulnerability in Mistral-Dashboard by OpenStack
CVE-2021-4472

6.5MEDIUM

Key Information:

Vendor

Red Hat
Status
Red Hat Openstack Platform 13 (queens)
Red Hat Openstack Platform 16.2
Red Hat Openstack Platform 17.1
Vendor
CVE Published:
26 November 2025

What is CVE-2021-4472?

The Mistral-Dashboard plugin for OpenStack contains a local file inclusion vulnerability in its 'Create Workbook' feature. This flaw may allow unauthorized access to arbitrary local files, leading to potential disclosure of sensitive information. Attackers could exploit this vulnerability to manipulate file paths, thereby gaining access to files that are meant to be protected, jeopardizing the confidentiality and integrity of user data.

References

https://access.redhat.com/security/cve/CVE-2021-4472
vdb-entryx_refsource_REDHAT
https://bugs.launchpad.net/horizon/+bug/1931558
https://bugzilla.redhat.com/show_bug.cgi?id=2417321
issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2021-4472 : Local File Inclusion Vulnerability in Mistral-Dashboard by OpenStack