VIR Vulnerability Intelligence Relay

Search

Found 673 results in 113ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2016-3077 medium 6.5 6.5 redhat 9y ago The VersionMapper.fromKernelVersionString method in oVirt Engine allows remote authenticated users to cause a denial of service (process crash) for all VMs.
CVE-2014-8180 medium 5.5 5.5 mongodbredhat 9y ago MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.
CVE-2017-8379 medium 6.5 6.5 FIX slesdebian debian qemuredhat 9y ago Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generati…
CVE-2017-8309 high 7.5 7.5 FIX slesdebian debian qemuredhat 9y ago Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
CVE-2016-9842 high 8.8 8.8 FIX slesdebian debianubuntu ubuntu zliboracleredhat 9y ago The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9840 high 8.8 8.8 FIX sles rockydebian debian boostzliboracle 9y ago RHSA-2025:8395: rsync security update (Low)
CVE-2017-3512 high 8.3 8.3 FIX slesdebian debian oracleredhat 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u131 and 8u121. Difficult to exploit vulnerability allows unauthentica…
CVE-2016-3702 medium 5.3 5.3 redhat 9y ago Padding oracle flaw in CloudForms Management Engine (aka CFME) 5 allows remote attackers to obtain sensitive cleartext information.
CVE-2016-6519 medium 5.4 5.4 FIX slesdebian debian redhatopenstack 9y ago Openstack Manila Persistent XSS in Metadata field
CVE-2016-5401 high 8.8 8.8 redhat 9y ago Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web pag…
CVE-2016-6347 medium 6.1 6.1 FIX debian debian redhat 9y ago Improper Neutralization of Input During Web Page Generation in RESTEasy
CVE-2016-6338 medium 6.8 6.8 redhat 9y ago ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restric…
CVE-2016-5409 high 7.5 7.5 redhat 9y ago Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information …
CVE-2016-7060 medium 4.6 4.6 redhat 9y ago The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask passwords fields, which allows physically proximate attackers to obtain sensitive password information by reading the d…
CVE-2016-4970 high 7.5 7.5 FIX debian debian nettyredhatapache 9y ago Loop with Unreachable Exit Condition in Netty
CVE-2016-2104 medium 6.1 6.1 redhat 9y ago Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the p…
CVE-2016-6348 medium 6.1 6.1 FIX debian debian redhat 9y ago JacksonJsonpInterceptor susceptible to cross-site script inclusion (XSSI) attack
CVE-2016-4459 high 7.5 7.5 rhel redhat 9y ago Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
CVE-2017-5973 medium 5.5 5.5 FIX slesdebian debian rhel qemuredhat 9y ago The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors r…
CVE-2016-10165 high 7.1 7.1 FIX slesdebian debian rhel littlecmsredhatnetapp 10y ago The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which …
CVE-2016-9921 medium 6.5 6.5 FIX slesdebian debian rhel qemuredhat 10y ago Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. …
CVE-2016-9911 medium 6.5 6.5 FIX slesdebian debian rhel qemuredhat 10y ago Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process coul…
CVE-2016-9907 medium 6.5 6.5 FIX slesdebian debian rhel qemuredhat 10y ago Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest …
CVE-2016-4443 medium 5.5 5.5 redhat 10y ago Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.
CVE-2016-7466 medium 6.0 6.0 FIX slessuse suse rhel qemuredhat 10y ago Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consump…
CVE-2016-7422 medium 6.0 6.0 FIX slessuse suse rhel qemuredhat 10y ago The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) …
CVE-2016-6888 medium 4.4 4.4 FIX slesdebian debian rhel qemuredhat 10y ago Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the max…
CVE-2016-6835 medium 6.0 6.0 FIX slesdebian debian rhel qemuredhat 10y ago The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging fail…
CVE-2016-8910 medium 6.0 6.0 FIX sles rheldebian debian qemuredhat 10y ago The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveragin…
CVE-2016-8909 medium 6.0 6.0 FIX sles rheldebian debian qemuredhat 10y ago The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry wit…
CVE-2016-8669 medium 6.0 6.0 FIX sles rheldebian debian qemuredhat 10y ago The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) …
CVE-2016-8576 medium 6.0 6.0 FIX sles rheldebian debian qemuredhat 10y ago The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging f…
CVE-2016-7065 high 8.8 9.8 EXP redhat 10y ago The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted seriali…
CVE-2016-6325 high 7.8 7.8 rhel apacheredhat 10y ago The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which all…
CVE-2016-1000007 medium 6.1 6.1 FIX debian debian redhat 10y ago Pagure 2.2.1 XSS in raw file endpoint
CVE-2016-7040 high 8.8 8.8 redhat 10y ago Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to…
CVE-2016-7046 medium 5.9 5.9 FIX debian debian redhat 10y ago Undertow Uncaught Exception vulnerability
CVE-2016-7031 high 7.5 7.5 FIX slesdebian debian ceph_projectredhat 10y ago The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL.
CVE-2016-5398 medium 5.4 5.4 redhat 10y ago Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permis…
CVE-2016-4978 high 7.2 7.2 rhel apacheredhat 10y ago Apache ActiveMQ Artemis RCE Via Deserialization Gadget Chain
CVE-2016-5406 high 8.8 8.8 rhel redhat 10y ago The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RB…
CVE-2016-4993 medium 6.1 6.1 FIX rheldebian debian redhat 10y ago Improper Neutralization of CRLF Sequences in Wildfly Undertow
CVE-2016-3110 high 7.5 7.5 rhelfedora fedora redhat 10y ago mod_cluster Denial of Service vulnerability
CVE-2016-6340 high 8.4 8.4 rhel redhat 10y ago The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces use of MD5 passwords on deployed systems, which makes it easier for attackers to determine cleartext passwords via a brute-force …
CVE-2016-6322 high 8.4 8.4 rhel redhat 10y ago Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.
CVE-2016-5418 high 7.5 7.5 FIX slesdebian debian rhel redhatlibarchive 10y ago The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive fil…
CVE-2016-5422 high 8.8 8.8 redhat 10y ago The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admi…
CVE-2016-7034 high 8.8 8.8 redhat 10y ago The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to…
CVE-2016-7033 medium 6.1 6.1 redhat 10y ago Multiple cross-site scripting (XSS) vulnerabilities in the admin pages in dashbuilder in Red Hat JBoss BPM Suite 6.3.2 allow remote attackers to inject arbitrary web script or HTML via unspecified ve…
CVE-2016-6346 high 7.5 7.5 FIX debian debian redhat 10y ago Denial of service in JBoss resteasy
CVE-2016-6345 medium 6.5 6.5 FIX debian debian redhat 10y ago Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy
CVE-2016-6344 medium 5.3 5.3 redhat 10y ago Red Hat JBoss BPM Suite 6.3.x does not include the HTTPOnly flag in a Set-Cookie header for session cookies, which makes it easier for remote attackers to obtain potentially sensitive information via…
CVE-2016-2183 high 7.5 7.5 FIX slesarch arch rhel redhatpythoncisco 10y ago The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for re…
CVE-2016-7103 medium 6.1 6.1 FIX slesdebian debianfedora fedora jqueryuioraclenetapp 10y ago jQuery-UI vulnerable to Cross-site Scripting in dialog closeText
CVE-2016-5383 high 8.8 8.8 redhat 10y ago The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."
CVE-2016-5392 medium 6.5 6.5 redhat 10y ago The API server in Kubernetes, as used in Red Hat OpenShift Enterprise 3.2, in a multi tenant environment allows remote authenticated users with knowledge of other project names to obtain sensitive pr…
CVE-2016-3097 medium 6.1 6.1 sles redhat 10y ago Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data.
CVE-2016-3080 medium 6.1 6.1 redhat 10y ago Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via the (1) RHNMD User or (2) Filesystem parameters,…
CVE-2016-5403 medium 5.5 5.5 FIX slesdebian debian rhel qemuredhat 10y ago The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without w…
CVE-2016-5387 high 8.1 8.1 FIX debian debian slesfedora fedora apachehporacle 10y ago The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, wh…
CVE-2016-5009 medium 6.5 6.5 FIX slesdebian debian rhel redhat 10y ago The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.
CVE-2016-4985 high 7.5 7.5 FIX slesdebian debian redhatcanonical 10y ago OpenStack Ironic Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-4428 medium 5.4 5.4 FIX slesdebian debian rhel openstackredhat 10y ago OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability
CVE-2016-4474 high 8.8 8.8 redhat 10y ago The image build process for the overcloud images in Red Hat OpenStack Platform 8.0 (Liberty) director and Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) director (aka overcloud-full) use a de…
CVE-2016-3738 high 8.8 8.8 redhat 10y ago Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the Docker socket and gain privileges via vectors related to build-…
CVE-2016-3708 high 7.1 7.1 redhat 10y ago Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is enabled and a build is run in a namespace that would normally be isolated from pods in other namespaces, allows remote authenticated users t…
CVE-2016-3703 medium 5.3 5.3 redhat 10y ago Red Hat OpenShift Enterprise 3.2 and 3.1 do not properly validate the origin of a request when anonymous access is granted to a service/proxy or pod/proxy API for a specific pod, which allows remote …
CVE-2016-2160 high 8.8 8.8 redhat 10y ago Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image.
CVE-2016-2149 medium 6.5 6.5 redhat 10y ago Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to read log files from another namespace by using the same name as a previously deleted namespace when creating a new namespace.
CVE-2016-2142 medium 5.5 5.5 redhat 10y ago Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by re…
CVE-2014-8177 medium 6.5 6.5 rhel redhat 10y ago The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage Server), allows remote authenticated users to bypass the max_meta_count constraint via multiple crafted…
CVE-2016-3096 high 7.8 7.8 FIX debian debianfedora fedora redhat 10y ago The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /…
CVE-2016-0376 high 8.1 8.1 slessuse suse rhel novellibmredhat 10y ago The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40…
CVE-2016-0363 high 8.1 8.1 slessuse suse rhel redhatnovellibm 10y ago The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.…
CVE-2016-5126 high 7.8 7.8 FIX slesdebian debianubuntu ubuntu qemuredhat 10y ago Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code vi…
CVE-2016-4020 medium 6.5 6.5 FIX sles rhelubuntu ubuntu qemuredhat 10y ago The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory …
CVE-2014-3672 medium 6.5 6.5 FIX slesdebian debian redhat 10y ago The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.
CVE-2016-0264 medium 5.6 5.6 sles rhelsuse suse ibmredhatsuse 10y ago Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP…
CVE-2016-3727 medium 4.3 4.3 jenkinsredhat 10y ago Jenkins Exposes Sensitive Information via API URL
CVE-2016-3726 high 7.4 7.4 jenkinsredhat 10y ago Jenkins affected by Open Redirect Vulnerability
CVE-2016-3725 medium 4.3 4.3 jenkinsredhat 10y ago Missing permissions check in Jenkins Core
CVE-2016-3724 medium 6.5 6.5 redhatjenkins 10y ago Jenkins Exposes Sensitive Information from Job Configuration
CVE-2016-3723 medium 4.3 4.3 jenkinsredhat 10y ago Exposure of Sensitive Information in Jenkins Core
CVE-2016-3722 medium 4.3 4.3 jenkinsredhat 10y ago Incorrect Authorization in Jenkins Core
CVE-2016-3721 medium 4.3 4.3 redhatjenkins 10y ago Jenkins allows Remote Users to Inject Build Parameters
CVE-2016-3627 high 7.5 7.5 FIX slesubuntu ubuntudebian debian hpxmlsoftredhat 10y ago The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consum…
CVE-2016-3710 high 8.8 8.8 FIX slesubuntu ubuntudebian debian hpqemuoracle 10y ago The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes …
CVE-2016-0695 medium 5.9 5.9 FIX sles rheldebian debian oracleredhat 10y ago Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
CVE-2015-5271 high 7.5 7.5 redhatopenstack 10y ago The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline w…
CVE-2015-5247 medium 6.5 6.5 FIX debian debianubuntu ubuntu redhat 10y ago The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unl…
CVE-2011-4600 medium 5.9 5.9 FIX debian debianubuntu ubuntu redhat 10y ago The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow rem…
CVE-2016-3079 medium 6.1 6.1 sles redhat 10y ago Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Spacewalk and Red Hat Satellite 5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to systems…
CVE-2016-2103 medium 6.1 6.1 sles redhat 10y ago Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the list_1680466951_oldfilterval parameter to systems/…
CVE-2015-0284 medium 5.4 5.4 redhat 10y ago Cross-site scripting (XSS) vulnerability in spacewalk-java in Spacewalk and Red Hat Satellite 5.7 allows remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the …
CVE-2015-8080 high 7.5 7.5 FIX suse susedebian debian redislabsredhatredis 10y ago Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to ca…
CVE-2016-2857 high 8.4 8.4 FIX slesubuntu ubuntudebian debian qemuredhat 10y ago The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.
CVE-2016-1568 high 8.8 8.8 FIX slesdebian debian rhel qemuredhat 10y ago Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary co…
CVE-2015-7528 medium 5.3 5.3 FIX debian debian kubernetesredhat 10y ago Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.
CVE-2015-7502 medium 5.1 5.1 redhat 10y ago Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4.0 Management Engine (CFME) 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users …
CVE-2015-5329 high 7.3 7.3 redhat 10y ago The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly use the configured RabbitMQ credentials, which makes it easier for rem…