CVE-2015-5329

HIGH Year: 2015
CVSS v3 Score
7.3
High
CVSS v2 Score
7.5
High
Weakness Type
CWE-264
View all →

Vulnerability Description

The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly use the configured RabbitMQ credentials, which makes it easier for remote attackers to obtain access to services in deployed overclouds by leveraging knowledge of the default credentials.

Related Vulnerabilities

CVE-2015-7788

HIGH
CVSS:7.3(High)

ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute arbitrary commands via unspecified vectors.

CWE-2642015

CVE-2015-8955

HIGH
CVSS:7.3(High)

arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving ...

CWE-2642015

CVE-2016-0006

HIGH
CVSS:7.3(High)

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Wind...

CWE-2642016

CVE-2016-3187

HIGH
CVSS:7.3(High)

The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the REQUEST superglobal array, and consequently have unspecified impact, via a base64-encoded pp parameter.

CWE-2642016

CVE-2016-3188

HIGH
CVSS:7.3(High)

The _prepopulate_request_walk function in the Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the (1) actions, (2) container, (3) token, (4) password, (5) passwo...

CWE-2642016

CVE-2016-3249

HIGH
CVSS:7.3(High)

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 al...

CWE-2642016