VIR Vulnerability Intelligence Relay

CVE-2014-7231

low
Published 2014-10-08 · Modified 2024-11-28
CVSS v3
CVSS v2
2.1
VIR risk
2.1

Description

OpenStack Oslo utility sensitive information exposure via log files

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2014-7231

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed0.2.0-1
debian debianbullseyefixed0.2.0-1
debian debianforkyfixed0.2.0-1
debian debiansidfixed0.2.0-1
debian debiantrixiefixed0.2.0-1

Package impact
EcosystemPackageVulnerableFixed
python PyPIoslo-utils<0.2.00.2.0

Application impact
VendorProductVersionsFixed
openstackcinder{"startIncluding":"2013.2","endExcluding":"2013.2.4"}2013.2.4
openstacknova{"startIncluding":"2013.2","endExcluding":"2013.2.4"}2013.2.4
openstacktrove{"startIncluding":"2013.2","endExcluding":"2013.2.4"}2013.2.4
redhat redhatopenstack5.0

References

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.