CVE-2015-0271

Red Hat OpenStack Dashboard redhat-access-plugin - Arbitrary File Read via Log-Viewing Function

Title source: llm
STIX 2.1

Description

The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path.

References (3)

Core 3
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-0841.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-0645.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-0840.html

Scores

EPSS 0.0168
EPSS Percentile 74.1%

Details

CWE
CWE-200
Status published
Products (2)
redhat/openstack 5.0
redhat/openstack 6.0
Published Mar 10, 2015
Tracked Since Feb 18, 2026