CVE-2017-2622

EUVD-2017-11783
An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
redhatCNA
5.9 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Debian logo
Debian Releases
Debian Product
Codename
mistral
bookworm
15.0.0-1
fixed
bullseye
11.0.0-2
fixed
sid
19.0.0-1
fixed
trixie
19.0.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mistral
artful
ignored
bionic
needed
cosmic
ignored
disco
ignored
eoan
ignored
focal
needed
groovy
ignored
hirsute
ignored
impish
ignored
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
precise
dne
trusty
dne
xenial
needed
yakkety
ignored
zesty
ignored
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2017:1584
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2622
https://access.redhat.com/errata/RHSA-2017:1584
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2622