OpenStack-TRIPLEO Log Leak Exposes RHSM Plain Passwords
CVE-2021-3585 Published on August 26, 2022
A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2021-3585 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2021-3585
Want to know whenever a new CVE is published for OpenStack Tripleo Heat Templates? stack.watch will email you.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.