An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/96998 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:1508 | |
https://access.redhat.com/errata/RHSA-2017:1595 | |
https://launchpad.net/bugs/1673569 | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-03-21 18:59
Updated : 2024-02-28 15:44
NVD link : CVE-2017-7214
Mitre link : CVE-2017-7214
CVE.ORG link : CVE-2017-7214
JSON object : View
Products Affected
openstack
- nova
CWE
CWE-532
Insertion of Sensitive Information into Log File