Описание
OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.2.2-0ubuntu1.3 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.13.1-0ubuntu1.2]] |
| lucid | DNE | |
| precise | not-affected | 1.4.8-0ubuntu2.4 |
| trusty | released | 1.13.1-0ubuntu1.2 |
| trusty/esm | DNE | trusty was released [1.13.1-0ubuntu1.2] |
| upstream | needs-triage | |
| utopic | ignored | end of life |
| vivid | released | 2.2.2-0ubuntu1.3 |
Показывать по
5.5 Medium
CVSS2
Связанные уязвимости
OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container.
OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container.
OpenStack Object Storage (Swift) before 2.3.0, when allow_version is c ...
OpenStack Swift Unauthorized delete of versioned Swift object
5.5 Medium
CVSS2