← Back

Ceilometer

ceilometer

Vendor: Openstack • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-3830
2Openstack
Redhat
2Ceilometer
Openstack
Nov 21, 2024
Mar 26, 2019
N/A· v4
7.8 HIGH· v3
2.1 LOW· v2
A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated.
CVE-2013-6384
1Openstack
1Ceilometer
Apr 29, 2026
Nov 23, 2013
N/A· v4
N/A· v3
1.9 LOW· v2
(1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to obtain sensitive inf...Show more
(1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to obtain sensitive information (the DB2 or MongoDB password) by reading the log file.Show less