neutron

  1. Bug #1734320
  2. Comment #11

Comment 11 for bug 1734320

Revision history for this message
Tristan Cacqueray (tristan-cacqueray) wrote :

@Paul, well I tend to agree this is a vulnerability (class A according to the VMT taxonomy: http://security.openstack.org/vmt-process.html#incident-report-taxonomy ). However, since a malicious user can't control the condition of exploitation, other VMT member may disagree with issuing an advisory for this issue.

I guess it boils down to how likely a user can snoop sensitive traffic.