Vulnerability Details : CVE-2018-16849
A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh private_key_filename can take an absolute path, it can be used to assess whether or not a file exists on the executor's filesystem.
Vulnerability category: Information leak
Products affected by CVE-2018-16849
- cpe:2.3:a:redhat:openstack-mistral:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-16849
0.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 50 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-16849
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST | |
3.1
|
LOW | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
1.6
|
1.4
|
Red Hat, Inc. |
CWE ids for CVE-2018-16849
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
References for CVE-2018-16849
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16849
1645334 – (CVE-2018-16849) CVE-2018-16849 openstack-mistral: std.ssh action may disclose presence of arbitrary filesIssue Tracking;Vendor Advisory
-
https://bugs.launchpad.net/mistral/+bug/1783708
Bug #1783708 “std.ssh action can be used to explore executor's f...” : Bugs : MistralThird Party Advisory
Jump to