Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-4615

Опубликовано: 19 авг. 2014
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:juno1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:oslo:-:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:*:*:*:*:*:*:*:*
Версия до 0.5.0 (включая)
cpe:2.3:a:openstack:pycadf:0.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.1.4:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.1.5:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.1.6:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.1.7:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.1.8:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.1.9:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.3:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.4:*:*:*:*:*:*:*
cpe:2.3:a:openstack:pycadf:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:telemetry_\(ceilometer\):2013.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:telemetry_\(ceilometer\):2014.1:*:*:*:*:*:*:*

EPSS

Процентиль: 73%
0.0075
Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2014-4615

ubuntu
больше 11 лет назад

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request).

redhat логотип

CVE-2014-4615

redhat
больше 11 лет назад

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request).

debian логотип

CVE-2014-4615

debian
больше 11 лет назад

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemet ...

github логотип

GHSA-9wrh-vfjh-96rg

github
больше 3 лет назад

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request).

EPSS

Процентиль: 73%
0.0075
Низкий

5 Medium

CVSS2

Дефекты

CWE-200