VYPR
Moderate severityNVD Advisory· Published May 12, 2015· Updated Jun 17, 2026

CVE-2015-3646

CVE-2015-3646

Description

OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
keystonePyPI
>= 2011.3, < 2014.1.52014.1.5
keystonePyPI
>= 2014.2, < 2014.2.42014.2.4

Affected products

9

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.