VYPR
Unrated severityNVD Advisory· Published Oct 8, 2014· Updated Jun 17, 2026

CVE-2014-7230

CVE-2014-7230

Description

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • OpenStack/Cinder2 versions
    cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*range: >=2013.2,<2013.2.4
    • (no CPE)range: <2013.2.4 (2013.x) / <2014.1.3 (2014.x)
  • cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
    Range: >=2013.2,<2013.2.4
  • cpe:2.3:a:openstack:trove:*:*:*:*:*:*:*:*
    Range: >=2013.2,<2013.2.4
  • cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • Range: <2013.2.4 (2013.x) / <2014.1.3 (2014.x)

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.