CVE-2019-3830
published 2019-03-26CVE-2019-3830: A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ceilometer | < ceilometer 1:11.0.1-5 (bookworm) | ceilometer 1:11.0.1-5 (bookworm) |
| openstack | ceilometer | <= 11.01 | — |
| openstack | ceilometer | >= 0 < 1:11.0.1-5 | 1:11.0.1-5 |
| openstack | ceilometer | >= 0 < 1:11.0.1-5 | 1:11.0.1-5 |
| openstack | ceilometer | >= 0 < 1:11.0.1-5 | 1:11.0.1-5 |
| openstack | ceilometer | >= 0 < 1:11.0.1-5 | 1:11.0.1-5 |
| openstack | ceilometer | >= 0 < 12.0.0.0rc1 | 12.0.0.0rc1 |
| openstack | ceilometer | 2013.1 – 2015.1.4 | — |
| redhat | openstack | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH