ubuntu · CVE-2014-4615

Quick triage

Priority: medium Published: 2014-06-24 00:00:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2014-4615 medium priority: Ubuntu including 3 source packages (ceilometer, neutron, python-pycadf), 15 status rows across 5 suites (lucid, precise, saucy, trusty, upstream): DNE 7, released 5, ignored 1, needed 1, not-affected 1.

Description:

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request).

cvelogic Threat Intelligence