CVE-2016-9185

MEDIUM

OpenStack Heat <=5.0.3, >=6.0.0 <=6.1.0, ==7.0.0 - SSRF

Title source: llm

Description

In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. Affected versions are <=5.0.3, >=6.0.0 <=6.1.0, and ==7.0.0.

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/94205

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2017:1464

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2017:1450

Issue Tracking, Third Party Advisory x_refsource_confirm

https://bugs.launchpad.net/ossa/+bug/1606500

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2017:1456

Scores

CVSS v3 4.3

EPSS 0.0053

EPSS Percentile 67.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-200

Status published

Products (4)

openstack/heat 5.0.3

openstack/heat 6.0.0

openstack/heat 6.1.0

openstack/heat 7.0.0

Published Nov 04, 2016

Tracked Since Feb 18, 2026