VPN shared PSK shown in plaintext
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Fix Released
|
Low
|
Julie Gravel | ||
OpenStack Security Advisory |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
In the neutron VPN details and form, https:/
Filing this as a security bug out of an overabundance of caution; while it is related to security it doesn't describe a vulnerability that can be exploited by means other than shoulder surfing.
information type: | Private Security → Public Security |
description: | updated |
Changed in horizon: | |
assignee: | nobody → Julie Gravel (julie-gravel) |
status: | New → In Progress |
information type: | Public Security → Public |
tags: | added: security |
Changed in horizon: | |
milestone: | none → pike-1 |
importance: | Undecided → Low |
Changed in horizon: | |
status: | New → Fix Released |
Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.