Comment 15 for bug 938315

Proposed impact description...

    Title: Keystone client local information disclosure
    Reporter: Jake Dahn (Nebula)
    Products: python-keystoneclient
    Affects: All versions

    Jake Dahn from Nebula reported a vulnerability that the keystone
    client only allows passwords to be updated in a clear text
    command-line argument, which may enable other local users to obtain
    sensitive information by listing the process and potentially leaves
    a record of the password within the shell command history.