Vulnerability: Readable Ansible Log File during Stack Update and Creation in tripleo-ansible

Vulnerability: Readable Ansible Log File during Stack Update and Creation in tripleo-ansible

CVE-2021-31918 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality.

Learn more about our User Device Pen Test.