CVE-2014-7230

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:trove:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:trove:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Information

Published : 2014-10-08 12:55

Updated : 2018-11-16 07:29


NVD link : CVE-2014-7230

Mitre link : CVE-2014-7230


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

redhat

  • openstack

openstack

  • nova
  • trove
  • cinder

canonical

  • ubuntu_linux