The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo prior to 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote malicious users to obtain sensitive information by sniffing the network.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat openstack 3.0 |
||
openstack oslo |