Описание
A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive information between tenants.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- MitigationThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- MitigationThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
5.1 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive information between tenants.
A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive information between tenants.
A vulnerability was found in openstack-cinder releases up to and inclu ...
A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive information between tenants.
EPSS
5.1 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2