Ubuntu Update For Heat USN-2249-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Jason Dunsmore discovered that OpenStack heat did not properly restrict access to template information. A remote authenticated attacker could exploit this to see URL provider templates of other tenants for a limited time.

Affected

heat on Ubuntu 14.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002552.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3801

CVSS	Base Score: 3.5 AV:N/AC:M/Au:S/C:P/I:N/A:N

Related Vulnerabilities

Ubuntu Update for dbus USN-2275-1
Ubuntu Update for krb5 USN-2498-1
Ubuntu Update for cgmanager USN-2451-1
Ubuntu Update for gnupg USN-2339-1
Ubuntu Update for systemd-shim USN-2392-1

Ubuntu Update for heat USN-2249-1

Take action and discover your vulnerabilities