Vulnerability Database

289,782

Total vulnerabilities in the database

CVE-2016-9185

In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. Affected versions are <=5.0.3, >=6.0.0 <=6.1.0, and ==7.0.0.

  • Published: Nov 4, 2016
  • Updated: Apr 13, 2023
  • CVE: CVE-2016-9185
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
openstack / heat 6.1.0 6.1.0.x
openstack / heat 6.0.0 6.0.0.x
openstack / heat 5.0.3 5.0.3.x
openstack / heat 7.0.0 7.0.0.x