OpenStack Overcloud Update Vulnerability: Plain-Text Password Disclosure

OpenStack Overcloud Update Vulnerability: Plain-Text Password Disclosure

CVE-2022-3261 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem.

Learn more about our Cloud Audit.