{"id":"CVE-2014-7230","details":"The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.","modified":"2026-02-05T04:46:30.052017Z","published":"2014-10-08T19:55:04Z","related":["SUSE-SU-2015:0324-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-1939.html"},{"type":"ADVISORY","url":"http://seclists.org/oss-sec/2014/q3/853"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/70185"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2405-1"},{"type":"ADVISORY","url":"https://bugs.launchpad.net/oslo-incubator/+bug/1343604"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/96725"},{"type":"ARTICLE","url":"http://seclists.org/oss-sec/2014/q3/853"}],"schema_version":"1.7.3"}