Vulnerability Database

296,223

Total vulnerabilities in the database

CVE-2014-5038

Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files.

Published: Nov 7, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-5038
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
eucalyptus / eucalyptus	4.0.1	4.0.1.x
eucalyptus / eucalyptus	3.3.1	3.3.1.x
eucalyptus / eucalyptus	3.2.2	3.2.2.x
eucalyptus / eucalyptus	3.3.2	3.3.2.x
eucalyptus / eucalyptus	3.3.0	3.3.0.x
eucalyptus / eucalyptus	3.0.1	3.0.1.x
eucalyptus / eucalyptus	3.4.0	3.4.0.x
eucalyptus / eucalyptus	3.4.1	3.4.1.x
eucalyptus / eucalyptus	3.4.2	3.4.2.x
eucalyptus / eucalyptus	3.1.0	3.1.0.x
eucalyptus / eucalyptus	3.1.1	3.1.1.x
eucalyptus / eucalyptus	3.1.2	3.1.2.x
eucalyptus / eucalyptus	3.0	3.0.x
eucalyptus / eucalyptus	3.2.1	3.2.1.x
eucalyptus / eucalyptus	3.2.0	3.2.0.x
eucalyptus / eucalyptus	3.4.3	3.4.3.x
eucalyptus / eucalyptus	4.0.0	4.0.0.x

https://www.eucalyptus.com/resources/security/advisories/esa-26