CVE-2019-14433
Description
An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
1.327
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-14433 are fixed in Python-nova 17.0.12 | Windows |
| Vulnerabilities CVE-2019-14433 are fixed in Python-nova 18.2.2 | Windows |
| Vulnerabilities CVE-2019-14433 are fixed in Python-nova 19.0.2 | Windows |
| OpenStack Compute cloud infrastructure (USN-4104-1) python-nova_13.1.4-0ubuntu4.5_all.deb | Linux |
| OpenStack Compute cloud infrastructure (USN-4104-1) nova-compute_13.1.4-0ubuntu4.5_all.deb | Linux |
| OpenStack Compute cloud infrastructure (USN-4104-1) nova-compute_19.0.1-0ubuntu2.1_all.deb | Linux |
| OpenStack Compute cloud infrastructure (USN-4104-1) python3-nova_19.0.1-0ubuntu2.1_all.deb | Linux |
| OpenStack Compute cloud infrastructure (USN-4104-1) nova-compute_17.0.10-0ubuntu2.1_all.deb | Linux |
| Vulnerabilities CVE-2019-14433 are fixed in Python-nova for linux 17.0.12 | Linux |
| Vulnerabilities CVE-2019-14433 are fixed in Python-nova for linux 18.2.2 | Linux |
| Vulnerabilities CVE-2019-14433 are fixed in Python-nova for linux 19.0.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234