{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T12:30:42.528","vulnerabilities":[{"cve":{"id":"CVE-2018-16856","sourceIdentifier":"secalert@redhat.com","published":"2019-03-26T18:29:00.357","lastModified":"2024-11-21T03:53:27.430","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure."},{"lang":"es","value":"En una instalación de Red Hat Openstack Platform Director por defecto, openstack-octavia en versiones anteriores a la 2.0.2-5 y openstack-octavia-3.0.1-0.20181009115732 crean archivos de registro que pueden ser leídos por todos los usuarios. La información sensible, como las claves privadas, puede aparecer en estos archivos, lo que permite la exposición de información."}],"metrics":{"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:octavia:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.2-5","matchCriteriaId":"0F18AB12-4884-4669-9046-39464A7AAC16"},{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:octavia:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.1-0.20181009115732","matchCriteriaId":"E8D54E3C-4629-4B5A-B361-41EE65E19CB5"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*","matchCriteriaId":"4D4AC996-B340-4A14-86F7-FF83B4D5EC8F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","matchCriteriaId":"704CFA1A-953E-4105-BFBE-406034B83DED"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*","matchCriteriaId":"EB7F358B-5E56-41AB-BB8A-23D3CB7A248B"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]}]}}]}