Vulnerability Database

289,782

Total vulnerabilities in the database

CVE-2014-3801

OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list.

  • Published: May 23, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-3801
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 3.5
  • AV:N/AC:M/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
openstack / heat 2013.2 2013.2.x
openstack / heat 2013.2.3 2013.2.3.x
openstack / heat 2013.2.1 2013.2.1.x
openstack / heat 2014.1 2014.1.x
openstack / heat 2013.2.2 2013.2.2.x