CVE-2014-0006

The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:swift:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.7.6:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.11.0:*:*:*:*:*:*:*
cpe:2.3:a:openstack:swift:1.7.0:*:*:*:*:*:*:*

Information

Published : 2014-01-22 17:55

Updated : 2014-03-07 21:12


NVD link : CVE-2014-0006

Mitre link : CVE-2014-0006


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

openstack

  • swift