Описание
In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures to anyone with read access to these logs. All Swift deployments using the tempurl middleware are affected.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures to anyone with read access to these logs. All Swift deployments using the tempurl middleware are affected.
In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures to anyone with read access to these logs. All Swift deployments using the tempurl middleware are affected.
In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, ...
Уязвимость логов proxy-сервера промежуточного ПО tempurl распределенной системы хранения объектов Swift, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
4.3 Medium
CVSS3
4 Medium
CVSS2