CVE-2016-4474 - 7PK - Security Features vulnerability in Redhat Openstack 7.0/8
- Attack vector: ADJACENT_NETWORK
- Attack complexity: LOW
- Privileges required: NONE
- Confidentiality impact: HIGH
- Integrity impact: HIGH
- Availability impact: HIGH

Summary
The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) uses a default root password of ROOTPW, which allows attackers to gain access via unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Common Weakness Enumeration (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2016-1222.html
- https://access.redhat.com/security/vulnerabilities/2359821
- https://rhn.redhat.com/errata/RHSA-2016-1223.html