Unrated severityNVD Advisory· Published Mar 15, 2024· Updated Feb 25, 2026

Tripleo-ansible: bind keys are world readable

CVE-2023-6725

Description

An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Red Hat/Openstackcpe-rescue6 versions
cpe:/a:redhat:openstack:16.1+ 5 more
- cpe:/a:redhat:openstack:16.1
- cpe:/a:redhat:openstack:16.2
- cpe:/a:redhat:openstack:17.1
- cpe:/a:redhat:openstack:17.1::el8range: 0:3.3.1-17.1.20231101233754.el8ost
- cpe:/a:redhat:openstack:17.1::el9range: 0:3.3.1-17.1.20231101230831.el9ost
- cpe:/a:redhat:openstack:18.0
Red Hat/OpenStack Designatellm-create

Patches

Vulnerability mechanics

References

access.redhat.com/errata/RHSA-2024:2736mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2770mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2023-6725mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000