CVE Vulnerabilities

CVE-2024-7319

Published: Aug 02, 2024 | Modified: Oct 07, 2024

CVSS 3.x

MEDIUM

Source:

NVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

CVSS 2.x

RedHat/V2

RedHat/V3

5 MODERATE

Ubuntu

MEDIUM

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-7319
CWE	https://cwe.mitre.org/data/definitions/.html

An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied.

Affected Software

Name	Vendor	Start Version	End Version
Heat	Openstack	- (including)	- (including)

References

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.