Solution
Please Install the Updated Packages.
Insight
USN-2311-1 fixed vulnerabilities in pyCADF. This update provides the corresponding updates for OpenStack Ceilometer.
Original advisory details:
Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens.
An attacker could possibly use this issue to obtain authentication tokens used in REST requests.
Affected
ceilometer on Ubuntu 14.04 LTS
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-4615 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities