High severity7.4OSV Advisory· Published Sep 24, 2023· Updated Jun 17, 2026
CVE-2023-1625
CVE-2023-1625
Description
An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
openstack-heatPyPI | < 20.0.0 | 20.0.0 |
Affected products
34- ghsa-coords33 versionspkg:pypi/openstack-heatpkg:rpm/suse/openstack-heat&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-heat-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-heat-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-heat-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-swift&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-swift&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-Werkzeug&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-Werkzeug&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-Werkzeug&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-Werkzeug&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-Werkzeug&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/venv-openstack-designate&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-heat&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-magnum&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-octavia&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-sahara&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%209
< 20.0.0+ 32 more
- (no CPE)range: < 20.0.0
- (no CPE)range: < 9.0.8~dev22-3.30.3
- (no CPE)range: < 9.0.8~dev22-3.30.3
- (no CPE)range: < 11.0.4~dev4-3.24.4
- (no CPE)range: < 9.0.8~dev22-3.30.3
- (no CPE)range: < 11.0.4~dev4-3.24.4
- (no CPE)range: < 9.0.8~dev22-3.30.3
- (no CPE)range: < 9.0.8~dev22-3.30.3
- (no CPE)range: < 9.0.8~dev22-3.30.3
- (no CPE)range: < 2.19.3~dev3-3.6.3
- (no CPE)range: < 2.19.3~dev3-3.6.3
- (no CPE)range: < 0.12.2-3.6.2
- (no CPE)range: < 0.12.2-3.6.2
- (no CPE)range: < 0.14.1-3.6.2
- (no CPE)range: < 0.12.2-3.6.2
- (no CPE)range: < 0.14.1-3.6.2
- (no CPE)range: < 5.0.3~dev7-12.45.1
- (no CPE)range: < 5.0.3~dev7-12.45.1
- (no CPE)range: < 7.0.2~dev2-3.41.2
- (no CPE)range: < 9.0.8~dev22-12.51.1
- (no CPE)range: < 9.0.8~dev22-12.51.1
- (no CPE)range: < 11.0.4~dev4-3.43.2
- (no CPE)range: < 14.2.1~dev9-3.42.2
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.46.1
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.46.1
- (no CPE)range: < 7.2.1~dev1-4.41.3
- (no CPE)range: < 1.0.6~dev3-12.47.1
- (no CPE)range: < 1.0.6~dev3-12.47.1
- (no CPE)range: < 3.2.3~dev7-4.41.2
- (no CPE)range: < 7.0.5~dev4-11.46.1
- (no CPE)range: < 7.0.5~dev4-11.46.1
- (no CPE)range: < 9.0.2~dev15-3.41.2
- (no CPE)range: < 2.19.3~dev3-2.36.3
Patches
Vulnerability mechanics
References
6- github.com/openstack/heat/commit/a49526c278e52823080c7f3fcb72785b93fd4dcbnvdPatchWEB
- launchpad.net/bugs/1999665nvdExploitIssue TrackingThird Party AdvisoryWEB
- access.redhat.com/security/cve/CVE-2023-1625nvdThird Party AdvisoryWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-5836-grcc-8j89ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-1625ghsaADVISORY
News mentions
0No linked articles in our index yet.