cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-9983) Don't return username/password details in the listClusters response
Date Sat, 22 Jul 2017 09:12:01 GMT


ASF subversion and git services commented on CLOUDSTACK-9983:

Commit 07fda3b39548d0199e762586bb1bd0174dc538f0 in cloudstack's branch refs/heads/master from
[;h=07fda3b ]

CLOUDSTACK-9983: Hide credentials in listClusters response

This removes username and passwords details from the listClusters
response. The details are usually seen in VMware environments only.
With dynamic roles features, the listClusters API may be provided
to a read-only root-admin user role/type which should not be able to get
the credentials.

Signed-off-by: Rohit Yadav <>

> Don't return username/password details in the listClusters response
> -------------------------------------------------------------------
>                 Key: CLOUDSTACK-9983
>                 URL:
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>             Fix For: Future,,
> The listClusters API response may contain VMware dc username/password as part of its
details. The response should not expose this details.

This message was sent by Atlassian JIRA

View raw message