3 matches found
RHEL 7 : openstack-trove (RHSA-2014:1939)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1939 advisory. OpenStack Database trove is Database as a Service for Openstack. It runs entirely on OpenStack, with the goal of allowing users to quickly a...
CVE-2014-7231
The strutils.maskpassword function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log...
CVE-2014-7231
OpenStack Oslo utility library issue CVE-2014-7231 affects Cinder, Nova, and Trove before versions 2013.2.4 and 2014.1 before 2014.1.3. The strutils.mask_password() function did not properly mask passwords in command logs, enabling a local user with read access to logs to retrieve passwords. Reme...