The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of the NeutronMetadataProxySharedSecret parameter.
{ "github_reviewed": true, "nvd_published_at": "2016-04-11T21:59:00Z", "severity": "HIGH", "cwe_ids": [], "github_reviewed_at": "2024-04-30T08:38:14Z" }