Описание
OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2:7.0.0~b1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1:2014.1.5-0ubuntu1]] |
| precise | DNE | |
| trusty | not-affected | 1:2014.1.5-0ubuntu1 |
| trusty/esm | DNE | trusty was not-affected [1:2014.1.5-0ubuntu1] |
| upstream | released | 2014.1.5,2014.2.4,2015.1.1 |
| utopic | ignored | end of life |
| vivid | released | 1:2015.1.0-0ubuntu1.1 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.
OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.
OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 ...
EPSS
6.8 Medium
CVSS2