Medium severity6.3NVD Advisory· Published Dec 12, 2017· Updated Jun 17, 2026
CVE-2017-12155
CVE-2017-12155
Description
A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tripleo-heat-templatesPyPI | < 7.0.6 | 7.0.6 |
Affected products
18- osv-coords16 versionspkg:apk/chainguard/ceph-18pkg:apk/chainguard/ceph-19pkg:apk/chainguard/ceph-20pkg:apk/chainguard/ceph-20.2pkg:apk/chainguard/ceph-20-devpkg:apk/chainguard/ceph-20-docpkg:apk/chainguard/ceph-20-libspkg:apk/chainguard/ceph-devpkg:apk/wolfi/ceph-19pkg:apk/wolfi/ceph-20pkg:apk/wolfi/ceph-20.2pkg:apk/wolfi/ceph-20-devpkg:apk/wolfi/ceph-20-docpkg:apk/wolfi/ceph-20-libspkg:apk/wolfi/ceph-devpkg:pypi/tripleo-heat-templates
< 0+ 15 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 7.0.6
- Range: Newton, Ocata, Pike and possibly older
Patches
Vulnerability mechanics
References
9- bugs.launchpad.net/tripleo/+bug/1720787nvdIssue TrackingPatchWEB
- github.com/advisories/GHSA-w8gx-hhcx-px6wghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-12155ghsaADVISORY
- access.redhat.com/errata/RHSA-2018:0602nvdWEB
- access.redhat.com/errata/RHSA-2018:1593nvdWEB
- access.redhat.com/errata/RHSA-2018:1627nvdWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingMitigationWEB
- opendev.org/openstack/tripleo-heat-templates/commit/a18fd59077d97de83496c85c017b9d256a3eddd4ghsaWEB
- opendev.org/openstack/tripleo-heat-templates/commit/ce7b65f443d38a6627631f53cb22336338e97d30ghsaWEB
News mentions
0No linked articles in our index yet.