Sensitive Information Exposure in OpenStack Nova Legacy Notification Exception Contexts

Sensitive Information Exposure in OpenStack Nova Legacy Notification Exception Contexts

CVE-2017-7214 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens.

Learn more about our Web Application Penetration Testing UK.