VYPR
Unrated severityNVD Advisory· Published Aug 19, 2014· Updated Jun 17, 2026

CVE-2014-4615

CVE-2014-4615

Description

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

29
  • OpenStack/Neutron4 versions
    cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:neutron:juno1:*:*:*:*:*:*:*
    • (no CPE)range: >=2014, <2014.1.2, < Juno-2
  • cpe:2.3:a:openstack:oslo:-:*:*:*:*:*:*:*
  • OpenStack/Pycadf19 versions
    cpe:2.3:a:openstack:pycadf:*:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:openstack:pycadf:*:*:*:*:*:*:*:*range: <=0.5.0
    • cpe:2.3:a:openstack:pycadf:0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:pycadf:0.4.1:*:*:*:*:*:*:*
    • (no CPE)range: <=0.5.0
  • cpe:2.3:a:openstack:telemetry_\(ceilometer\):2013.2:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:openstack:telemetry_\(ceilometer\):2013.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:telemetry_\(ceilometer\):2014.1:*:*:*:*:*:*:*
    • (no CPE)range: >=2013.2, <2013.2.4, >=2014, <2014.1.2
  • cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.