Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-4615HistoryAug 19, 2014 - 6:55 p.m.
CVE-2014-4615
2014-08-1918:55:00
Debian Security Bug Tracker
security-tracker.debian.org
10
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
79.1%
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ceilometer | < 2014.1.2-1 | ceilometer_2014.1.2-1_all.deb |
| Debian | 11 | all | ceilometer | < 2014.1.2-1 | ceilometer_2014.1.2-1_all.deb |
| Debian | 10 | all | ceilometer | < 2014.1.2-1 | ceilometer_2014.1.2-1_all.deb |
| Debian | 999 | all | ceilometer | < 2014.1.2-1 | ceilometer_2014.1.2-1_all.deb |
| Debian | 13 | all | ceilometer | < 2014.1.2-1 | ceilometer_2014.1.2-1_all.deb |
| Debian | 12 | all | neutron | < 2014.1.2-1 | neutron_2014.1.2-1_all.deb |
| Debian | 11 | all | neutron | < 2014.1.2-1 | neutron_2014.1.2-1_all.deb |
| Debian | 10 | all | neutron | < 2014.1.2-1 | neutron_2014.1.2-1_all.deb |
| Debian | 999 | all | neutron | < 2014.1.2-1 | neutron_2014.1.2-1_all.deb |
| Debian | 13 | all | neutron | < 2014.1.2-1 | neutron_2014.1.2-1_all.deb |
Related
veracode
veracode
Token Leakage
2019-01-15 08:59:05
openvas
openvas
Fedora Update for python-pycadf FEDORA-2014-7780
2014-07-15 00:00:00
Ubuntu: Security Advisory (USN-2311-1)
2014-08-12 00:00:00
Fedora Update for openstack-ceilometer FEDORA-2014-7799
2014-07-15 00:00:00
ubuntu
ubuntu
OpenStack Ceilometer vulnerability
2014-08-21 00:00:00
pyCADF vulnerability
2014-08-11 00:00:00
OpenStack Neutron vulnerabilities
2014-08-21 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : pyCADF vulnerability (USN-2311-1)
2014-08-12 00:00:00
Fedora 20 : openstack-ceilometer-2013.2.3-2.fc20 (2014-7799)
2014-07-08 00:00:00
Ubuntu 14.04 LTS : OpenStack Ceilometer vulnerability (USN-2311-2)
2014-08-22 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: openstack-ceilometer-2013.2.3-2.fc20
2014-07-08 01:03:05
[SECURITY] Fedora 20 Update: python-pycadf-0.5.1-1.fc20
2014-07-08 01:01:17
securityvulns
securityvulns
[USN-2311-2] OpenStack Ceilometer vulnerability
2014-08-24 00:00:00
pyCADF information leakage
2014-08-26 00:00:00
[USN-2311-1] pyCADF vulnerability
2014-08-26 00:00:00
redhat
redhat
(RHSA-2014:1050) Important: openstack-ceilometer security and bug fix update
2014-08-13 00:00:00
ubuntucve
ubuntucve
CVE-2014-4615
2014-06-24 00:00:00
prion
prion
Xxe
2014-08-19 18:55:00
cve
cve
CVE-2014-4615
2014-08-19 18:55:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
79.1%
Related for DEBIANCVE:CVE-2014-4615