cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-1625,https://securityvulnerability.io/vulnerability/CVE-2023-1625,Information leak in api,"An information leak has been identified in OpenStack Heat, allowing a remote authenticated attacker to exploit the 'stack show' command. This flaw permits the exposure of parameters that are intended to remain confidential, potentially compromising system integrity. It's crucial for users to assess their configurations and apply necessary security best practices to mitigate any risks linked to this vulnerability.",Red Hat,"Openstack-heat,Red Hat Openstack Platform 13 (queens),Red Hat Openstack Platform 16.1,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 17.0,Openstack Rdo",7.4,HIGH,0.0011699999449774623,false,,false,false,false,,,false,false,,2023-09-24T01:15:00.000Z,0
CVE-2017-2621,https://securityvulnerability.io/vulnerability/CVE-2017-2621,Access-Control Flaw in OpenStack Orchestration Service by Red Hat,"An access-control vulnerability exists in the OpenStack Orchestration (heat) service in specific versions prior to 8.0.0, 6.1.0, and 7.0.2. This flaw allows a malicious user on the same system to access service log directories that should be restricted. The improper configuration made certain directories world-readable, potentially exposing sensitive information to unauthorized users. Organizations running affected versions are advised to review their security measures to mitigate risks associated with this vulnerability.",Red Hat,Openstack-heat,5.9,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2018-07-27T18:00:00.000Z,0