Monday, June 22, 2020

Security Bulletin: PowerVC is impacted by an Openstack Nova vulnerability which could leak consoleauth tokens into log files (CVE-2015-9543)

Share this post:

An issue discovered in Openstack Nova can leak consoleauth tokens into log files which can be used by an attacker with access to service’s log files to gain additional access in to the Openstack based deployment.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM PowerVC Standard 1.4.3
IBM Cloud PowerVC Manager 1.4.3

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6236922



from IBM Product Security Incident Response Team https://ift.tt/2ARL0Rv

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.