Back to search
CVE-2014-1948
Published: Feb 14, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugs.launchpad.net/glance/+bug/1275062
x_refsource_CONFIRM
56419
third-party-advisory
x_refsource_SECUNIA
RHSA-2014:0229
vendor-advisory
x_refsource_REDHAT
65507
vdb-entry
x_refsource_BID
[oss-security] 20140212 [OSSA 2014-004] Glance Swift store backend password leak (CVE-2014-1948)
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now