Описание
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| lucid | DNE | |
| precise | DNE | |
| quantal | released | 2012.2.4-0ubuntu1.1 |
| saucy | not-affected | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [code not present]] |
| lucid | DNE | |
| precise | not-affected | code not present |
| quantal | not-affected | code not present |
| saucy | not-affected | |
| trusty | not-affected | code not present |
| trusty/esm | DNE | trusty was not-affected [code not present] |
| upstream | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| lucid | DNE | |
| precise | DNE | |
| quantal | DNE | |
| saucy | not-affected | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:2014.1~b3-0ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1:2014.1~b3-0ubuntu2]] |
| lucid | DNE | |
| precise | released | 2012.1.3+stable-20130423-e52e6912-0ubuntu1.4 |
| quantal | ignored | end of life, was pending |
| saucy | not-affected | 1:2013.2~rc2-0ubuntu1 |
| trusty | not-affected | 1:2014.1~b3-0ubuntu2 |
| trusty/esm | DNE | trusty was not-affected [1:2014.1~b3-0ubuntu2] |
| upstream | released | 2013.2.b3 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | DNE | |
| precise | not-affected | |
| quantal | released | 2012.2.4-0ubuntu1.1 |
| saucy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | not-affected |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo bef ...
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.
4.3 Medium
CVSS2