CVE-2019-3830
HIGHOpenstack Ceilometer < 11.01 - Log Information Exposure
Title source: ruleDescription
A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated.
References (2)
Core 2
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3830
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:0919
Scores
CVSS v3
7.8
EPSS
0.0011
EPSS Percentile
29.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-532
Status
published
Products (3)
openstack/ceilometer
< 11.01
pypi/ceilometer
0 - 12.0.0.0rc1PyPI
redhat/openstack
10
Published
Mar 26, 2019
Tracked Since
Feb 18, 2026