Описание
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image.
Ссылки
- Vendor Advisory
- Vendor Advisory
- ExploitPatch
- ExploitPatch
- Vendor Advisory
- Vendor Advisory
- ExploitPatch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:openstack:diablo:2011.3:*:*:*:*:*:*:*
cpe:2.3:a:openstack:essex:2012.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01377
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
больше 13 лет назад
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image.
debian
больше 13 лет назад
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2 ...
github
больше 3 лет назад
OpenStack Nova Arbitrary file injection/corruption through directory traversal issues
EPSS
Процентиль: 80%
0.01377
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264