What is CVE-2022-3596?

CVE-2022-3596 is a vulnerability found in OpenStack's undercloud that allows unauthenticated remote attackers to inspect sensitive data after discovering the IP address of the undercloud.

What is the severity of CVE-2022-3596?

The severity of CVE-2022-3596 is high with a CVSS score of 7.5.

How does CVE-2022-3596 impact Redhat Openstack Platform 13.0?

CVE-2022-3596 affects Redhat Openstack Platform 13.0, allowing unauthenticated remote attackers to inspect sensitive data.

How can CVE-2022-3596 be exploited?

CVE-2022-3596 can be exploited by unauthenticated remote attackers who discover the IP address of the undercloud to access and inspect sensitive data.

Is there a fix available for CVE-2022-3596?

Yes, a fix is available for CVE-2022-3596. Users should apply the appropriate patches provided by Redhat Openstack Platform.

Vulnerability/
CVE-2022-3596

high

8.6

CWE

402

20/10/2022

5/12/2022

20/9/2023

3/5/2024

CVE-2022-3596: Instack-undercloud: rsync leaks information to undercloud

First published: Thu Oct 20 2022(Updated: )

An an information leak was discovered in OpenStack's undercloud. Rsync stores sensitive swift data (for example administrative credentials to the overcloud) in a manner that makes this information visible to local users of the undercloud. This enables potentially anyone with network access to the undercloud to further gain access to the rest of an OpenStack deployment.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Redhat Openstack Platform	=13.0
Redhat Openstack Platform	=13.0
redhat/instack-undercloud	<0:8.4.9-13.el7	0:8.4.9-13.el7

Remedy

The rsync daemon is no longer needed and can be manually disabled by running the following commands on the undercloud: sudo rm /etc/xinetd.d/rsync /etc/rsyncd.conf sudo systemctl restart xinetd However, this will be reverted if the undercloud gets updated.

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

RHSA-2022:8897

Frequently Asked Questions

What is CVE-2022-3596?
CVE-2022-3596 is a vulnerability found in OpenStack's undercloud that allows unauthenticated remote attackers to inspect sensitive data after discovering the IP address of the undercloud.
What is the severity of CVE-2022-3596?
The severity of CVE-2022-3596 is high with a CVSS score of 7.5.
How does CVE-2022-3596 impact Redhat Openstack Platform 13.0?
CVE-2022-3596 affects Redhat Openstack Platform 13.0, allowing unauthenticated remote attackers to inspect sensitive data.
How can CVE-2022-3596 be exploited?
CVE-2022-3596 can be exploited by unauthenticated remote attackers who discover the IP address of the undercloud to access and inspect sensitive data.
Is there a fix available for CVE-2022-3596?
Yes, a fix is available for CVE-2022-3596. Users should apply the appropriate patches provided by Redhat Openstack Platform.

collector/redhat-cve
collector/nvd-index
agent/author
agent/type
agent/softwarecombine
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2022-3596
agent/references
agent/remedy
agent/weakness
collector/mitre-cve
source/MITRE
agent/severity
agent/title
agent/last-modified-date
agent/description
agent/event
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
package-manager/redhat
vendor/redhat
canonical/redhat openstack platform
version/redhat openstack platform/13.0