Описание
OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks.
Ссылки
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- PatchVendor Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
8.3 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks.
OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks.
OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows att ...
OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks
Уязвимость программного средства для общего доступа к файлам openstack-manila, связанная с ошибками использования стандартных разрешений, позволяющая нарушителю получить несанкционированный доступ к общим файлам
EPSS
8.3 High
CVSS3
6.5 Medium
CVSS2