CVE-2013-0212
Last modified
CVE-2013-0212 is a vulnerability of currently unknown severity. store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive information by reading the error messages.. EPSS estimates a 2.96% chance of exploitation in the next 30 days.
Description
store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive information by reading the error messages.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Openstack | Image Registry And Delivery Service \(Glance\) | 2012.1 |
| Openstack | Image Registry And Delivery Service \(Glance\) | 2012.2 |
| Openstack | Image Registry And Delivery Service \(Glance\) | 2012.2.1 |
| Openstack | Image Registry And Delivery Service \(Glance\) | 2012.2.2 |
| Canonical | Ubuntu Linux | 11.10 |
| Canonical | Ubuntu Linux | 12.04 |
| Canonical | Ubuntu Linux | 12.10 |
References
- http://rhn.redhat.com/errata/RHSA-2013-0209.htmlVendor Advisory
- http://secunia.com/advisories/51957Vendor Advisory
- http://secunia.com/advisories/51990Vendor Advisory
- http://rhn.redhat.com/errata/RHSA-2013-0209.htmlVendor Advisory
- http://secunia.com/advisories/51957Vendor Advisory
- http://secunia.com/advisories/51990Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-0212?
How severe is CVE-2013-0212?
How do I fix CVE-2013-0212?
Are you affected by CVE-2013-0212?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST