An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information.

Related CVEs

CVE-2023-6725

Key Information

GHSA ID

GHSA-pv5w-g537-v27f

Published

March 15, 2024 3:30 PM

Last Modified

May 23, 2024 12:30 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.