The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove prior to 2013.2.4 and 2014.1 prior to 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack trove |
||
openstack cinder |
||
openstack nova |
||
redhat openstack 5.0 |
||
canonical ubuntu linux 14.04 |