CVE-2016-9185
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-9185
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9185.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-9185
- Downstream
- Published
- 2016-11-04T10:59:05Z
- Modified
- 2025-07-29T07:30:21.934780Z
- Severity
-
- 4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. Affected versions are <=5.0.3, >=6.0.0 <=6.1.0, and ==7.0.0.
- References
Affected packages
Debian:11 / heat
Package
- Name
- heat
- Purl
- pkg:deb/debian/heat?arch=source
Debian:12 / heat
Package
- Name
- heat
- Purl
- pkg:deb/debian/heat?arch=source
Debian:13 / heat
Package
- Name
- heat
- Purl
- pkg:deb/debian/heat?arch=source
Git / github.com/openstack/heat
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openstack/heat
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affected
Affected versions
2013.*
2013.1.rc1
2013.2.b1
2013.2.b2
2013.2.b3
2013.2.rc1
2014.*
2014.1.b1
2014.1.b2
2014.1.rc1
2014.2
2014.2.b1
2014.2.b2
2014.2.b3
2014.2.rc1
2014.2.rc2
2014.2.rc3
2015.*
2015.1.0
2015.1.0b1
2015.1.0b2
2015.1.0b3
2015.1.0rc1
2015.1.0rc2
5.*
5.0.0
5.0.0.0b1
5.0.0.0b2
5.0.0.0b3
5.0.0.0rc1
5.0.0.0rc2
5.0.0a0
6.*
6.0.0
6.0.0.0b1
6.0.0.0b2
6.0.0.0b3
6.0.0.0rc1
6.0.0.0rc2
6.0.0.0rc3
Other
grizzly-2
v4-branch-eol
v5-branch-eol
v6-branch-eol
v7-branch-eol
v2-M1.*
v2-M1.release
v3.*
v3.release
v4.*
v4.release
v5.*
v5.release
v6.*
v6.release