Lucene search
Veracode Vulnerability DatabaseVERACODE:11521HistoryJan 15, 2019 - 9:03 a.m.
Information Disclosure
2019-01-1509:03:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.0004 Low
EPSS
Percentile
5.1%
openstack-trove is vulnerable to information disclosure attacks. The vulnerability exists as the processutils.execute function in OpenStack Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.
References
rhn.redhat.com/errata/RHSA-2014-1939.html
seclists.org/oss-sec/2014/q3/853
www.securityfocus.com/bid/70185
www.ubuntu.com/usn/USN-2405-1
access.redhat.com/security/updates/classification/#low
bugs.launchpad.net/oslo-incubator/+bug/1343604
bugzilla.redhat.com/show_bug.cgi?id=1149745
exchange.xforce.ibmcloud.com/vulnerabilities/96725
rhn.redhat.com/errata/RHSA-2014-1939.html
Related
cvelist
cvelist
CVE-2014-7230
2014-10-08 19:00:00
cve
cve
CVE-2014-7230
2014-10-08 19:55:04
debiancve
debiancve
CVE-2014-7230
2014-10-08 19:55:04
nvd
nvd
CVE-2014-7230
2014-10-08 19:55:04
prion
prion
Design/Logic Flaw
2014-10-08 19:55:00
ubuntucve
ubuntucve
CVE-2014-7230
2014-10-08 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2405-1)
2014-11-12 00:00:00
Ubuntu: Security Advisory (USN-2407-1)
2014-11-12 00:00:00
ubuntu
ubuntu
OpenStack Cinder vulnerabilities
2014-11-11 00:00:00
OpenStack Nova vulnerabilities
2014-11-11 00:00:00
nessus
nessus
RHEL 7 : openstack-trove (RHSA-2014:1939)
2024-04-24 00:00:00
Ubuntu 14.04 LTS : OpenStack Cinder vulnerabilities (USN-2405-1)
2014-11-12 00:00:00
Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-2407-1)
2014-11-12 00:00:00
redhat
redhat
(RHSA-2014:1939) Low: openstack-trove security update
2014-12-02 16:42:21
securityvulns
securityvulns
[USN-2407-1] OpenStack Nova vulnerabilities
2014-12-01 00:00:00
[USN-2405-1] OpenStack Cinder vulnerabilities
2014-12-01 00:00:00
OpenStack multiple security vulnerabilities
2014-12-01 00:00:00