CVE-2014-5038
Eucalyptus 3.0.0-4.0.1 - Unauthorized Sensitive Information Exposure via Debug Log
Title source: llmDescription
Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.eucalyptus.com/resources/security/advisories/esa-26
Scores
EPSS
0.0035
EPSS Percentile
27.2%
Details
CWE
CWE-200
Status
published
Products (17)
eucalyptus/eucalyptus
3.0
eucalyptus/eucalyptus
3.0.1
eucalyptus/eucalyptus
3.1.0
eucalyptus/eucalyptus
3.1.1
eucalyptus/eucalyptus
3.1.2
eucalyptus/eucalyptus
3.2.0
eucalyptus/eucalyptus
3.2.1
eucalyptus/eucalyptus
3.2.2
eucalyptus/eucalyptus
3.3.0
eucalyptus/eucalyptus
3.3.1
... and 7 more
Published
Nov 07, 2014
Tracked Since
Feb 18, 2026