Back to search
CVE-2014-0006
Published: Jan 23, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2014:0232
vendor-advisory
x_refsource_REDHAT
https://bugs.launchpad.net/swift/+bug/1265665
x_refsource_CONFIRM
[oss-security] 20140117 [OSSA 2014-002] Swift TempURL timing attack (CVE-2014-0006)
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now