CVE-2018-10898 – tripleo-heat-templates

Package

Manager: pip
Name: tripleo-heat-templates
Vulnerable Version: =0.5.6 || =0.6.0 || =0.6.1 || =0.6.2 || =0.6.3 || =0.6.4 || =0.7.0 || =0.7.1 || =0.7.2 || =0.7.3 || =0.7.4 || =0.7.5 || =0.7.6 || =0.7.7 || =0.7.8 || =0.7.9 || =0.8.0 || =0.8.1 || =0.8.10 || =0.8.11 || =0.8.12 || =0.8.13 || =0.8.14 || =0.8.2 || =0.8.3 || =0.8.4 || =0.8.5 || =0.8.6 || =0.8.7 || =0.8.8 || =0.8.9 || =2.0.0 || =2.1.0 || =2.2.0 || =5.0.0 || =5.0.0.0b1 || =5.0.0.0b2 || =5.0.0.0b3 || =5.0.0.0rc1 || =5.0.0.0rc2 || =5.0.0.0rc3 || =5.1.0 || =5.2.0 || =5.3.0 || =5.3.1 || =5.3.10 || =5.3.11 || =5.3.12 || =5.3.13 || =5.3.2 || =5.3.3 || =5.3.4 || =5.3.5 || =5.3.6 || =5.3.7 || =5.3.8 || =5.3.9 || =6.0.0 || =6.0.0.0b1 || =6.0.0.0b2 || =6.0.0.0rc1 || =6.0.0.0rc2 || =6.1.0 || =6.2.0 || =6.2.1 || =6.2.10 || =6.2.11 || =6.2.12 || =6.2.13 || =6.2.14 || =6.2.15 || =6.2.16 || =6.2.2 || =6.2.3 || =6.2.4 || =6.2.5 || =6.2.6 || =6.2.7 || =6.2.8 || =6.2.9 || =7.0.0 || =7.0.0.0b1 || =7.0.0.0b2 || =7.0.0.0b3 || =7.0.0.0rc1 || =7.0.0.0rc2 || =7.0.1 || =7.0.10 || =7.0.11 || =7.0.12 || =7.0.13 || =7.0.14 || =7.0.15 || =7.0.16 || =7.0.17 || =7.0.18 || =7.0.2 || =7.0.3 || =7.0.4 || =7.0.5 || =7.0.6 || =7.0.7 || =7.0.8 || =7.0.9 || =8.0.0 || =8.0.0.0b1 || =8.0.0.0b2 || =8.0.0.0b3 || =8.0.0.0rc1 || =8.0.1 || =8.0.2 || >=0 <8.0.3

Severity

Level: Low

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00177 pctl0.39536

Details

A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When deployed using Director using default configuration, Opendaylight in RHOSP13 is configured with easily guessable default credentials.

Metadata

Created: 2018-07-30T17:29:00Z
Modified: 2023-11-08T03:59:44.547420Z
Source: https://osv-vulnerabilities
CWE IDs: N/A
Alternative ID: N/A
Finding: F053
Auto approve: 1