Local User Password Exposure in OpenStack Products by Vendor
CVE-2014-7230

Currently unrated

Key Information:

Vendor

Openstack
Status
Nova
Cinder
Trove
Vendor
CVE Published:
8 October 2014

What is CVE-2014-7230?

The processutils.execute function in OpenStack's oslo-incubator allows local users to extract sensitive passwords from logs when a ProcessExecutionError occurs within the affected versions of Cinder, Nova, and Trove. This flaw poses a security risk as unauthorized users could exploit this vulnerability to gain access to confidential information, impacting the overall integrity of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/oss-sec/2014/q3/853
mailing-listx_refsource_MLIST
https://exchange.xforce.ibmcloud.com/vulnerabilities/96725
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/70185
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.