Описание
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.13.0-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1.13.0-0ubuntu1]] |
| lucid | DNE | |
| precise | released | 1.4.8-0ubuntu2.4 |
| quantal | released | 1.7.4-0ubuntu2.4 |
| raring | ignored | end of life |
| saucy | released | 1.10.0-0ubuntu1.1 |
| trusty | not-affected | 1.13.0-0ubuntu1 |
| trusty/esm | DNE | trusty was not-affected [1.13.0-0ubuntu1] |
| upstream | released | 1.11.0-2 |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 throu ...
OpenStack Swift Discloses Secret URLs to Timing Attack
4.3 Medium
CVSS2