Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1948


Vulnerability Score 2.6 2.6
CVE Id CVE-2014-1948
Last Modified 08 Mar 2014 12:13:14
Published 14 Feb 2014 10:55:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE



OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARNING level logging is enabled, which allows local users to obtain sensitive information by reading the log.

Vulnerable Systems


  • Openstack Image Registry And Delivery Service %28glance%29 2013.2

  • Openstack Image Registry And Delivery Service %28glance%29 2013.2.1



MLIST - [oss-security] 20140212 [OSSA 2014-004] Glance Swift store backend password leak (CVE-2014-1948)

BID - 65507

SECUNIA - 56419

REDHAT - RHSA-2014:0229

Last Updated: 27 May 2016 10:56:44