OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-05-23T14:00:00

Updated: 2024-08-06T10:57:17.233Z

Reserved: 2014-05-20T00:00:00

Link: CVE-2014-3801

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-05-23T14:55:11.773

Modified: 2024-11-21T02:08:52.437

Link: CVE-2014-3801

cve-icon Redhat

Severity : Moderate

Publid Date: 2014-04-23T00:00:00Z

Links: CVE-2014-3801 - Bugzilla