Moderate severityNVD Advisory· Published Mar 23, 2023· Updated Feb 25, 2025
CVE-2022-3101
CVE-2022-3101
Description
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tripleo-ansiblePyPI | <= 6.0.0 | — |
Affected products
2- OpenStack/tripleo-ansibledescription
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-7x96-2w32-w3gwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-3101ghsaADVISORY
- access.redhat.com/security/cve/CVE-2022-3101ghsaWEB
News mentions
0No linked articles in our index yet.