CVE-2014-1948CVE-2014-1948

Affected configuration(s):

cpe:/a:openstack:image_registry_and_delivery_service_%28glance%29:2013.2
cpe:/a:openstack:image_registry_and_delivery_service_%28glance%29:2013.2.1

Date published: 2014-02-14T10:55:06.407-05:00

Date last modified: 2014-03-08T00:13:14.480-05:00

CVSS Score: 2.6

Principal attack vector: LOCAL

Complexity:  HIGH

Reference URL: http://rhn.redhat.com/errata/RHSA-2014-0229.html

Summary: OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.