Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
OpenstackTrove

3 matches found

CVE
CVEadded 2014/10/08 7:0 p.m.65 views

CVE-2014-7231

OpenStack Oslo utility library issue CVE-2014-7231 affects Cinder, Nova, and Trove before versions 2013.2.4 and 2014.1 before 2014.1.3. The strutils.mask_password() function did not properly mask passwords in command logs, enabling a local user with read access to logs to retrieve passwords. Reme...

2.1CVSS6.1AI score0.00528EPSS
CVE
CVEadded 2014/10/08 7:0 p.m.64 views

CVE-2014-7230

CVE-2014-7230 affects OpenStack components (oslo-incubator, Cinder, Nova, Trove). The vulnerability arises in processutils.execute where certain commands that trigger a ProcessExecutionError may write passwords to logs, allowing local attackers to read them. Mitigations involve upgrading to upstr...

2.1CVSS6.1AI score0.00469EPSS
CVE
CVEadded 2017/08/11 9:0 p.m.58 views

CVE-2015-3156

CVE-2015-3156 affects OpenStack Trove (DBaaS) as packaged in OpenStack before 2015.1.0 (Kilo). A local attacker could write to configuration files via a symlink attack on a temporary file. The description lists multiple vulnerable components (e.g., _write_config in trove/guestagent/datastore/expe...

5.5CVSS5.3AI score0.00459EPSS