OpenStack TripleO Heat Templates Remote Metadata Spoofing Vulnerability

CVE-2015-5303 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of the NeutronMetadataProxySharedSecret parameter.

Learn more about our Network Penetration Testing.