============================================================================== OSSA-2016-013: Network information disclosure through Heat template source URL ============================================================================== :Date: November 18, 2016 :CVE: CVE-2016-9185 Affects ~~~~~~~ - Heat: <=5.0.3, >=6.0.0 <=6.1.0 and ==7.0.0 Description ~~~~~~~~~~~ Tom Patzig from SAP reported a vulnerability in Heat. By launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. All Heat setup are affected. Patches ~~~~~~~ - https://review.openstack.org/393149 (Liberty) - https://review.openstack.org/393148 (Mitaka) - https://review.openstack.org/393147 (Newton) - https://review.openstack.org/393146 (Ocata) Credits ~~~~~~~ - Tom Patzig from SAP (CVE-2015-9185) References ~~~~~~~~~~ - https://launchpad.net/bugs/1606500 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9185 -- Tristan Cacqueray OpenStack Vulnerability Management Team