USN-2249-1: OpenStack Heat vulnerability
18 June 2014
OpenStack Heat would expose sensitive information over the network.
- heat - OpenStack Orchestration Service
Jason Dunsmore discovered that OpenStack heat did not properly restrict
access to template information. A remote authenticated attacker could
exploit this to see URL provider templates of other tenants for a limited