CVE-2014-5038 - Vulnerability Details

Vendors	Products
Eucalyptus	Eucalyptus

Link	Providers
https://www.eucalyptus.com/resources/security/advisories/esa-26

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-10-20T00:00:00", "descriptions": [{"lang": "en", "value": "Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-11-07T18:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.eucalyptus.com/resources/security/advisories/esa-26"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5038", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.eucalyptus.com/resources/security/advisories/esa-26", "refsource": "CONFIRM", "url": "https://www.eucalyptus.com/resources/security/advisories/esa-26"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T11:34:37.291Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.eucalyptus.com/resources/security/advisories/esa-26"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-5038", "datePublished": "2014-11-07T19:00:00", "dateReserved": "2014-07-22T00:00:00", "dateUpdated": "2024-08-06T11:34:37.291Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2014-10-20T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2014-11-07T18:57:00 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://www.eucalyptus.com/resources/security/advisories/esa-26 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2014-5038 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.eucalyptus.com/resources/security/advisories/esa-26 (string)

refsource : CONFIRM (string)

url : https://www.eucalyptus.com/resources/security/advisories/esa-26 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T11:34:37.291Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://www.eucalyptus.com/resources/security/advisories/esa-26 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2014-5038 (string)

datePublished : 2014-11-07T19:00:00 (string)

dateReserved : 2014-07-22T00:00:00 (string)

dateUpdated : 2024-08-06T11:34:37.291Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AB322B1B-8FE8-4CEF-A7F4-B86F131F9116", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2ECBDD1A-8E7A-48C0-B638-815DDC3A3A4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "043A9574-806B-429F-9878-AFEEC2334AF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "926B4E5D-804D-4E03-B5A6-17F127D99F96", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BBC42BF2-045F-46FF-820B-C420B2A0029B", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FB5BCB7-CEE7-4A5A-8F55-02944F1FD1A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F3DDB7D-6A8F-4E0A-AA30-724FC9DAEA57", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "4846C583-68DC-4F3A-B0A3-B130D776F0E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFE3475-D8B5-4A24-A276-B46A2FF7DE95", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B9C730D-C4EB-436E-9C10-461F6B88AD1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA13D0DF-09E5-4BE2-8BFE-E2BA54F8B20B", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "824E50DE-8C83-4761-876D-C19FA25AC5E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "300B5D1C-419D-49A2-93BE-F4CC43D41407", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "B0E3EDA2-578C-458C-9C70-0E107AFB3509", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "75C8E8B6-0324-4622-A362-8F118E0FD682", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A5215E04-773F-49E3-83C3-C00B65484674", "vulnerable": true}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3722B29B-DFAC-4C45-92DE-AA2825A47C4C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files."}, {"lang": "es", "value": "Eucalyptus 3.0.0 hasta 4.0.1, cuando el nivel del registro est\u00e1 configurado en DEBUG o m\u00e1s bajo, registra las contrase\u00f1as de usuarios y sistemas, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de los ficheros del registro de la nube."}], "id": "CVE-2014-5038", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-11-07T19:55:03.793", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.eucalyptus.com/resources/security/advisories/esa-26"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.eucalyptus.com/resources/security/advisories/esa-26"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.0:*:*:*:*:*:*:* (string)

matchCriteriaId : AB322B1B-8FE8-4CEF-A7F4-B86F131F9116 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 2ECBDD1A-8E7A-48C0-B638-815DDC3A3A4B (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 043A9574-806B-429F-9878-AFEEC2334AF6 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 926B4E5D-804D-4E03-B5A6-17F127D99F96 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : BBC42BF2-045F-46FF-820B-C420B2A0029B (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.2.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 3FB5BCB7-CEE7-4A5A-8F55-02944F1FD1A4 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 6F3DDB7D-6A8F-4E0A-AA30-724FC9DAEA57 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 4846C583-68DC-4F3A-B0A3-B130D776F0E6 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.3.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 2DFE3475-D8B5-4A24-A276-B46A2FF7DE95 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.3.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 0B9C730D-C4EB-436E-9C10-461F6B88AD1F (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.3.2:*:*:*:*:*:*:* (string)

matchCriteriaId : BA13D0DF-09E5-4BE2-8BFE-E2BA54F8B20B (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.4.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 824E50DE-8C83-4761-876D-C19FA25AC5E2 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 300B5D1C-419D-49A2-93BE-F4CC43D41407 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : B0E3EDA2-578C-458C-9C70-0E107AFB3509 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:3.4.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 75C8E8B6-0324-4622-A362-8F118E0FD682 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:4.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : A5215E04-773F-49E3-83C3-C00B65484674 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:eucalyptus:eucalyptus:4.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3722B29B-DFAC-4C45-92DE-AA2825A47C4C (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files. (string)

}

1 : { »

lang : es (string)

value : Eucalyptus 3.0.0 hasta 4.0.1, cuando el nivel del registro está configurado en DEBUG o más bajo, registra las contraseñas de usuarios y sistemas, lo que permite a usuarios locales obtener información sensible mediante la lectura de los ficheros del registro de la nube. (string)

}

]

id : CVE-2014-5038 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 2.1 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:L/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2014-11-07T19:55:03.793 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://www.eucalyptus.com/resources/security/advisories/esa-26 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://www.eucalyptus.com/resources/security/advisories/esa-26 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-200 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object