CVE-2016-9185
- Source
- https://cve.org/CVERecord?id=CVE-2016-9185
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9185.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-9185
- Downstream
- Published
- 2016-11-04T10:59:05.193Z
- Modified
- 2026-05-18T09:58:51.788387Z
- Severity
-
- 4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. Affected versions are <=5.0.3, >=6.0.0 <=6.1.0, and ==7.0.0.
- References
Affected packages
Git / github.com/openstack/heat
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openstack/heat
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "source": "CPE_FIELD", "cpe": [ "cpe:2.3:a:openstack:heat:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:openstack:heat:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openstack:heat:6.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:openstack:heat:7.0.0:*:*:*:*:*:*:*" ], "extracted_events": [ { "introduced": "0" }, { "last_affected": "5.0.3" }, { "last_affected": "6.0.0" }, { "last_affected": "6.1.0" }, { "last_affected": "7.0.0" } ] }
Affected versions
2013.*
2013.1.rc1
2013.2.b1
2013.2.b2
2013.2.b3
2013.2.rc1
2014.*
2014.1.b1
2014.1.b2
2014.1.rc1
2014.2.b1
2014.2.b2
2014.2.b3
2014.2.rc1
2015.*
2015.1.0b1
2015.1.0b2
2015.1.0b3
2015.1.0rc1
5.*
5.0.0
5.0.0.0b1
5.0.0.0b2
5.0.0.0b3
5.0.0.0rc1
5.0.0.0rc2
5.0.0a0
5.0.1
5.0.2
5.0.3
6.*
6.0.0
6.0.0.0b1
6.0.0.0b2
6.0.0.0b3
6.0.0.0rc1
6.0.0.0rc2
6.0.0.0rc3
6.1.0
7.*
7.0.0
7.0.0.0b1
7.0.0.0b2
7.0.0.0b3
7.0.0.0rc1
7.0.0.0rc2
Other
grizzly-2
v4-branch-eol
v5-branch-eol
v6-branch-eol
v7-branch-eol
v2-M1.*
v2-M1.release
v3.*
v3.release
v4.*
v4.release
v5.*
v5.release
v6.*
v6.release