CVE-2016-9185

MEDIUM

OpenStack Heat <=5.0.3, >=6.0.0 <=6.1.0, ==7.0.0 - SSRF

Title source: llm

Description

In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. Affected versions are <=5.0.3, >=6.0.0 <=6.1.0, and ==7.0.0.

References (5)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/94205

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2017:1450

[Issue Tracking, Third Party Advisory] https://bugs.launchpad.net/ossa/+bug/1606500

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2017:1456

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2017:1464

Scores

CVSS v3 4.3

EPSS 0.0053

EPSS Percentile 66.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-200

Status draft

Affected Products (4)

openstack/heat

Timeline

Published Nov 04, 2016

Tracked Since Feb 18, 2026