{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-21T00:00:00", "descriptions": [{"lang": "en", "value": "The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of the NeutronMetadataProxySharedSecret parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-04-11T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2015:2650", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2015:2650"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.launchpad.net/tripleo/+bug/1516027"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T06:41:09.259Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2015:2650", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2015:2650"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.launchpad.net/tripleo/+bug/1516027"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5303", "datePublished": "2016-04-11T21:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:09.259Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:tripleo_heat_templates:*:*:*:*:*:*:*:*", "matchCriteriaId": "F337EA9C-2418-4D18-8C16-EAC812AC402C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of the NeutronMetadataProxySharedSecret parameter."}, {"lang": "es", "value": "Las plantillas TripleO Heat (tripleo-heat-templates), cuando se despliegan trav\u00e9s de la interfaz de l\u00ednea de comandos, permiten a atacantes remotos suplantar peticiones de metadatos OpenStack Networking aprovechando el conocimiento del valor por defecto del par\u00e1metro NeutronMetadataProxySharedSecret."}], "id": "CVE-2015-5303", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-04-11T21:59:03.100", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2015:2650"}, {"source": "secalert@redhat.com", "url": "https://bugs.launchpad.net/tripleo/+bug/1516027"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2015:2650"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.launchpad.net/tripleo/+bug/1516027"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-254"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Steven Hardy (Red Hat).", "affected_release": [{"advisory": "RHSA-2015:2650", "cpe": "cpe:/a:redhat:openstack-director:7::el7", "package": "openstack-tripleo-heat-templates-0:0.8.6-94.el7ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform director 7.0 for RHEL 7", "release_date": "2015-12-21T00:00:00Z"}, {"advisory": "RHSA-2015:2650", "cpe": "cpe:/a:redhat:openstack-director:7::el7", "package": "python-rdomanager-oscplugin-0:0.0.10-22.el7ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform director 7.0 for RHEL 7", "release_date": "2015-12-21T00:00:00Z"}], "bugzilla": {"description": "python-rdomanager-oscplugin: NeutronMetadataProxySharedSecret parameter uses default value", "id": "1272297", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1272297"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "status": "verified"}, "details": ["The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of the NeutronMetadataProxySharedSecret parameter.", "It was discovered that Director's NeutronMetadataProxySharedSecret parameter remained specified at the default value of 'unset'. This value is used by OpenStack Networking to sign instance headers; if unchanged, an attacker knowing the shared secret could use this flaw to spoof OpenStack Networking metadata requests."], "name": "CVE-2015-5303", "package_state": [{"cpe": "cpe:/a:redhat:openstack-director:8", "fix_state": "Not affected", "package_name": "python-tripleoclient", "product_name": "Red Hat OpenStack Platform 8 (Liberty) Director"}], "public_date": "2015-12-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-5303\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-5303"], "threat_severity": "Moderate"}