Описание
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 4 | openstack-nova | Affected | ||
| OpenStack 3 for RHEL 6 | openstack-nova | Fixed | RHSA-2013:1199 | 03.09.2013 |
Показывать по
Дополнительная информация
Статус:
5.5 Medium
CVSS2
Связанные уязвимости
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 do ...
OpenStack Compute (Nova) allows remote authenticated users to obtain sensitive information
5.5 Medium
CVSS2