CVE-2015-3646

OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*

Information

Published : 2015-05-12 12:59

Updated : 2020-06-02 12:04


NVD link : CVE-2015-3646

Mitre link : CVE-2015-3646


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

openstack

  • keystone

oracle

  • solaris