Ubuntu Update For Heat USN-2249-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Jason Dunsmore discovered that OpenStack heat did not properly restrict access to template information. A remote authenticated attacker could exploit this to see URL provider templates of other tenants for a limited time.

Affected

heat on Ubuntu 14.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002552.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3801
CVSS Base Score: 3.5
AV:N/AC:M/Au:S/C:P/I:N/A:N

Related Vulnerabilities

Ubuntu Update for openssl USN-1898-1
Ubuntu Update for libssh USN-2145-1
Ubuntu Update for systemd-shim USN-2392-1
Ubuntu Update for lightdm USN-2012-1
Ubuntu Update for glance USN-1764-1

Ubuntu Update for heat USN-2249-1

Take action and discover your vulnerabilities