Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-0006HistoryJan 23, 2014 - 1:55 a.m.
CVE-2014-0006
2014-01-2301:55:00
Debian Security Bug Tracker
security-tracker.debian.org
10
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.0%
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | swift | < 1.11.0-2 | swift_1.11.0-2_all.deb |
| Debian | 11 | all | swift | < 1.11.0-2 | swift_1.11.0-2_all.deb |
| Debian | 10 | all | swift | < 1.11.0-2 | swift_1.11.0-2_all.deb |
| Debian | 999 | all | swift | < 1.11.0-2 | swift_1.11.0-2_all.deb |
| Debian | 13 | all | swift | < 1.11.0-2 | swift_1.11.0-2_all.deb |
Related
cve
cve
CVE-2014-0006
2014-01-23 01:55:00
redhat
redhat
(RHSA-2014:0367) Moderate: openstack-swift security update
2014-04-03 00:00:00
(RHSA-2014:0232) Moderate: openstack-swift security update
2014-03-04 00:00:00
github
github
OpenStack Swift Discloses Secret URLs to Timing Attack
2022-05-17 04:50:15
prion
prion
Code injection
2014-01-23 01:55:00
openvas
openvas
Ubuntu Update for swift USN-2207-1
2014-05-12 00:00:00
Ubuntu: Security Advisory (USN-2207-1)
2014-05-12 00:00:00
veracode
veracode
Information Disclosure
2019-01-15 08:57:56
ubuntucve
ubuntucve
CVE-2014-0006
2014-01-22 00:00:00
ubuntu
ubuntu
OpenStack Swift vulnerability
2014-05-06 00:00:00
nessus
nessus
Ubuntu 12.04 LTS / 12.10 / 13.10 : swift vulnerability (USN-2207-1)
2014-05-07 00:00:00
osv
osv
OpenStack Swift Discloses Secret URLs to Timing Attack
2022-05-17 04:50:15
securityvulns
securityvulns
[USN-2207-1] OpenStack Swift vulnerability
2014-05-07 00:00:00
OpenStack multiple security vulnerabilities
2014-05-07 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.0%
Related for DEBIANCVE:CVE-2014-0006