0.002 Low
EPSS
Percentile
59.8%
OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list.
launchpad.net/bugs/1311223
launchpad.net/bugs/cve/CVE-2014-3801
nvd.nist.gov/vuln/detail/CVE-2014-3801
security-tracker.debian.org/tracker/CVE-2014-3801
ubuntu.com/security/notices/USN-2249-1
www.cve.org/CVERecord?id=CVE-2014-3801