Launchpad.net

CVE 2019-3830

A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated.

Related bugs and status

CVE-2019-3830 (Candidate) is related to these bugs:

Bug #1811098: [SRU] ceilometer writing snmp credentials to log file

		In	Importance	Status
1811098	[SRU] ceilometer writing snmp credentials to log file	Ceilometer	Undecided	In Progress
1811098	[SRU] ceilometer writing snmp credentials to log file	Ubuntu Cloud Archive	High	Fix Released
1811098	[SRU] ceilometer writing snmp credentials to log file	ceilometer (Ubuntu)	High	Fix Released
1811098	[SRU] ceilometer writing snmp credentials to log file	Ubuntu Cloud Archive queens	High	Fix Released
1811098	[SRU] ceilometer writing snmp credentials to log file	Ubuntu Cloud Archive rocky	High	Fix Released
1811098	[SRU] ceilometer writing snmp credentials to log file	Ubuntu Cloud Archive stein	High	Fix Released
1811098	[SRU] ceilometer writing snmp credentials to log file	ceilometer (Ubuntu Bionic)	High	Fix Released
1811098	[SRU] ceilometer writing snmp credentials to log file	ceilometer (Ubuntu Cosmic)	High	Fix Released
1811098	[SRU] ceilometer writing snmp credentials to log file	ceilometer (Ubuntu Disco)	High	Fix Released
1811098	[SRU] ceilometer writing snmp credentials to log file	Ubuntu Cloud Archive ocata	High	Triaged
1811098	[SRU] ceilometer writing snmp credentials to log file	Ubuntu Cloud Archive pike	High	Triaged

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.redha...
REDHAT: RHSA-2019:0919