[Openstack] [OSSA 2014-016] Heat template URL information leakage (CVE-2014-3801)

Tristan Cacqueray tristan.cacqueray at enovance.com
Fri May 23 18:27:36 UTC 2014


OpenStack Security Advisory: 2014-016
CVE: CVE-2014-3801
Date: May 23, 2014
Title: Heat template URL information leakage
Reporter: Jason Dunsmore (Rackspace)
Products: Heat
Versions: 2013.2 to 2013.2.3, and 2014.1

Description:
Jason Dunsmore from Rackspace reported a vulnerability in Heat. An
authenticated user may temporarily see the URL of a provider template
used in another tenant by listing heat resources types. This may result
in disclosure of additional information if the template itself can be
accessed. The URL disappears from the listing after a certain point in
the stack creation. All Heat setups are affected.

Juno (development branch) fix:
https://review.openstack.org/89695

Icehouse fix:
https://review.openstack.org/94625

Havana fix:
https://review.openstack.org/94644

Notes:
This fix will be included in the juno-1 development milestone and in
future 2013.2.4 and 2014.1.1 releases.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3801
https://launchpad.net/bugs/1311223

-- 
Tristan Cacqueray
OpenStack Vulnerability Management Team



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140523/16a49321/attachment.sig>


More information about the Openstack mailing list