Описание
The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:openstack:essex:2012.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):-:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01403
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
около 13 лет назад
The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573.
debian
около 13 лет назад
The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (20 ...
github
больше 3 лет назад
OpenStack Glance arbitrary deletion of non-protected images
EPSS
Процентиль: 80%
0.01403
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-264