MEDIUM 5.5
PYSEC-2026-1052
tripleo-ansible may disclose important configuration details from an OpenStack deployment
상세
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information disclosure of important configuration details from the OpenStack deployment.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
PyPI / tripleo-ansible
최초 영향 버전:
0 No fixed version published yet for tripleo-ansible (pip). Pin to a known-safe version or switch to an alternative.