Bug 2231164 - TRIAGE openstack-ironic: Information exposure through oslo messaging
Summary: TRIAGE openstack-ironic: Information exposure through oslo messaging
Keywords:
Status: NEW
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2231165 2231166 2231167
Blocks: 2231168
TreeView+ depends on / blocked
 
Reported: 2023-08-10 19:50 UTC by Pedro Sampaio
Modified: 2023-08-10 19:53 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Pedro Sampaio 2023-08-10 19:50:32 UTC 
Openstack Ironic may leak Keystone tokens in olso messaging payloads.

References:

https://bugs.launchpad.net/ironic/+bug/2030976
Comment 1 Pedro Sampaio 2023-08-10 19:50:44 UTC 
Created openstack-ironic tracking bugs for this issue:

Affects: openstack-rdo [bug 2231165]
Note You need to log in before you can comment on or make changes to this bug.