An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/96998 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:1508 | |
https://access.redhat.com/errata/RHSA-2017:1595 | |
https://launchpad.net/bugs/1673569 | Patch Third Party Advisory |
http://www.securityfocus.com/bid/96998 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:1508 | |
https://access.redhat.com/errata/RHSA-2017:1595 | |
https://launchpad.net/bugs/1673569 | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:31
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/96998 - Third Party Advisory, VDB Entry | |
References | () https://access.redhat.com/errata/RHSA-2017:1508 - | |
References | () https://access.redhat.com/errata/RHSA-2017:1595 - | |
References | () https://launchpad.net/bugs/1673569 - Patch, Third Party Advisory |
Information
Published : 2017-03-21 18:59
Updated : 2024-11-21 03:31
NVD link : CVE-2017-7214
Mitre link : CVE-2017-7214
CVE.ORG link : CVE-2017-7214
JSON object : View
Products Affected
openstack
- nova
CWE
CWE-532
Insertion of Sensitive Information into Log File