oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request for vulnerability in OpenStack Nova

From: cve-assign () mitre org
Date: Thu, 7 Jan 2016 15:40:53 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


Xen connection password leak in logs via StorageError

If a StorageError occurs when attempting to connect a volume
using the Xen API, the connection parameters will be logged. These
parameters may include credentials that are not masked.

https://launchpad.net/bugs/1516765


Use CVE-2015-8749 for the lack of strutils.mask_password use. There is
no CVE ID for the https://bugs.launchpad.net/bugs/1321785 related
discussion of a design issue.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWjszMAAoJEL54rhJi8gl5RMAP/RcP2koL8KmPcmnknO/jFAGp
ZARI12CsqoS6u+lKUsr0ZnNLbOoJHzIyiinEtRSTrisyrZIF9pLjlCVQ3xwPDZUr
IIVpW5clK3WWsl4838LgtIFfQwTHot8slglIIvWMyfPh/VVMqNA4rWU/i8+loscw
82WnO+rgaMnZDH68IKyEBFkrrvdvrP0ixB3Q0ImjxfnjXqy74PwNzeRWCi26D5+8
FEJEmmaXjkP0nWr1HoKkGuDb2A8TS8ZrNNDCFKJXbQccVv3EikPMAwCdp8yVROmo
jFALhLJSsiyDqOFVFNYQKb6pCTOGQOXunba8AFnTK2XzGOVx/bSQOUVUQn84B7Fo
CC7vneB6upaPNH2lYj8De0Iiw1asPQh1KJhhFR7/3qHZ/9H6WX13GHGfs4/tqDT4
PS5aYJvcW8klwOoy2x2w5bHS2n1fQkvbOzJ1u61xlAleyA0+LICyU/l3nrhz9R+7
V/s8M3sFMh5/eLfYIJEa24fITUnJxU5jt6DiPFgsz1f34msek8x2GitK1NsCMEkO
4Vz6Fp2D6sQlEiTkA/vkUbHMZRcgmbw13If+kWRFevDA1epXWn2h+ikHV687ENvD
dnm6bCUrLYzV4o204hVnrN7G9IzuOYawgrZ3ZC76tkGBJoBDeWiM1UK2TB3b9qvY
3ixDLcVIthDIaJTmNEds
=Zujb
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: