CVE-2015-5271 in Red Hat and OpenStack Products
Published on April 15, 2016

The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors.

Vendor Advisory NVD

Products Associated with CVE-2015-5271

stack.watch emails you whenever new vulnerabilities are published in Red Hat Openstack or OpenStack Tripleo Heat Templates. Just hit a watch button to start following.

Red Hat Openstack

OpenStack Tripleo Heat Templates

Exploit Probability

EPSS

0.34%

Percentile

56.60%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2015-5271 in Red Hat and OpenStack ProductsPublished on April 15, 2016

Products Associated with CVE-2015-5271

Exploit Probability

CVE-2015-5271 in Red Hat and OpenStack Products
Published on April 15, 2016