CVE-2014-5037

Name of the Vulnerable Software and Affected Versions Eucalyptus versions 4.0.0 through 4.0.1

Description The issue allows local users to obtain sensitive information by reading cloud-requests.log when the log level is set to INFO. This is because user and system passwords are logged, which can be accessed locally.

Recommendations For Eucalyptus versions 4.0.0 through 4.0.1, consider changing the log level from INFO to a less sensitive setting to prevent logging of user and system passwords. Additionally, restrict access to the cloud-requests.log file to minimize the risk of exploitation.