CVE-2012-5474

NameCVE-2012-5474
DescriptionThe file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitylow

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
horizon (PTS)stretch3:10.0.1-1fixed
buster, buster (security)3:14.0.2-3+deb10u2fixed
bookworm, bullseye3:18.6.2-5fixed
sid3:19.2.0-6fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
horizonsource(unstable)2012.1.1-7

Search for package or bug name: Reporting problems