Local User Password Exposure in OpenStack Products by Vendor
CVE-2014-7230
Currently unrated
Summary
The processutils.execute function in OpenStack's oslo-incubator allows local users to extract sensitive passwords from logs when a ProcessExecutionError occurs within the affected versions of Cinder, Nova, and Trove. This flaw poses a security risk as unauthorized users could exploit this vulnerability to gain access to confidential information, impacting the overall integrity of the system.
References
Timeline
Vulnerability published
Vulnerability Reserved