Information Disclosure Vulnerability in OpenStack Nova by OpenStack Foundation
CVE-2017-7214

9.8CRITICAL

Key Information:

Vendor

Openstack
Status
Nova
Vendor
CVE Published:
21 March 2017

What is CVE-2017-7214?

An issue found in the exception_wrapper.py file of OpenStack Nova may expose sensitive information such as account passwords and authorization tokens in ERROR level logs. This vulnerability affects versions 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1, allowing unauthorized access to critical security details, which can lead to further exploitation if not addressed.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/errata/RHSA-2017:1595
vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/96998
vdb-entryx_refsource_BID
https://launchpad.net/bugs/1673569
x_refsource_CONFIRM

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.