{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2014-10-08T19:55:04Z",
  "id": "CVE-2014-7230",
  "details": "The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1939.html"
    },
    {
      "type": "ADVISORY",
      "url": "http://seclists.org/oss-sec/2014/q3/853"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.securityfocus.com/bid/70185"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.ubuntu.com/usn/USN-2405-1"
    },
    {
      "type": "ADVISORY",
      "url": "https://bugs.launchpad.net/oslo-incubator/+bug/1343604"
    },
    {
      "type": "ADVISORY",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96725"
    },
    {
      "type": "ARTICLE",
      "url": "http://seclists.org/oss-sec/2014/q3/853"
    }
  ]
}