Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2014-0006

The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.

  • Published: Jan 23, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-0006
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
openstack / swift 1.4.6 1.4.6.x
openstack / swift 1.9.0 1.9.0.x
openstack / swift 1.7.4 1.7.4.x
openstack / swift 1.8.0 1.8.0.x
openstack / swift 1.7.2 1.7.2.x
openstack / swift 1.7.6 1.7.6.x
openstack / swift 1.9.1 1.9.1.x
openstack / swift 1.10.0 1.10.0.x
openstack / swift 1.6.0 1.6.0.x
openstack / swift 1.11.0 1.11.0.x
openstack / swift 1.4.7 1.4.7.x
openstack / swift 1.4.8 1.4.8.x
openstack / swift 1.5.0 1.5.0.x
openstack / swift 1.7.5 1.7.5.x
openstack / swift 1.9.2 1.9.2.x
openstack / swift 1.7.0 1.7.0.x