Comment 37 for bug 1837877
Revision history for this message
| Jeremy Stanley (fungi) wrote Re: Error message reveals ceph information | #37 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
Please review the proposed impact description below. Note I did not include a stable/pike point release as it's under extended maintenance. Donny, if you'd like an employer or organization included in the reporter credit along with your name, please let me know. If this looks correct, I'll use it to request a private CVE and then we can set the coordinated disclosure schedule for it...
Title: Nova Server Resource Faults Leak External Exception Details
Reporter: Donny Davis
Products: Nova
Affects: <17.0.12,
Description:
Donny Davis reported a vulnerability in Nova Compute resource fault
handling. If an API request from an authenticated user ends in a
fault condition due to an external exception, details of the
underlying environment may be leaked in the response and could
include sensitive configuration or other data.