Описание
Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter.
Ссылки
- Vendor Advisory
- Patch
- Vendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:openstack:essex:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2011.3:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00549
Низкий
4.9 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
около 14 лет назад
Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter.
debian
около 14 лет назад
Nova 2011.3 and Essex, when using the OpenStack API, allows remote aut ...
github
почти 4 года назад
Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter.
EPSS
Процентиль: 67%
0.00549
Низкий
4.9 Medium
CVSS2
Дефекты
CWE-264