Описание
The ReST API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 allows remote authenticated users to bypass the tenant scoping restrictions via a modified tenant_id in the request path.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2014.1~rc1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2014.1~rc1-0ubuntu1]] |
| lucid | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | ignored | end of life |
| trusty | not-affected | 2014.1~rc1-0ubuntu1 |
| trusty/esm | DNE | trusty was not-affected [2014.1~rc1-0ubuntu1] |
| upstream | released | 2014.1.rc1 |
Показывать по
EPSS
4 Medium
CVSS2
Связанные уязвимости
The ReST API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 allows remote authenticated users to bypass the tenant scoping restrictions via a modified tenant_id in the request path.
The ReST API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 allows remote authenticated users to bypass the tenant scoping restrictions via a modified tenant_id in the request path.
The ReST API in OpenStack Orchestration API (Heat) before Havana 2013. ...
The ReST API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 allows remote authenticated users to bypass the tenant scoping restrictions via a modified tenant_id in the request path.
EPSS
4 Medium
CVSS2