Описание
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
Ссылки
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
6 Medium
CVSS2
Дефекты
Связанные уязвимости
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 do ...
OpenStack Compute (Nova) allows remote authenticated users to obtain sensitive information
EPSS
6 Medium
CVSS2