Описание
OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2:12.0.0-0ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:2014.1.5-0ubuntu1.7]] |
| esm-infra/xenial | not-affected | 2:12.0.0-0ubuntu2 |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | released | 1:2014.1.5-0ubuntu1.7 |
| trusty/esm | DNE | trusty was released [1:2014.1.5-0ubuntu1.7] |
| upstream | needs-triage | |
| vivid | not-affected | 1:2015.1.2-0ubuntu1 |
| vivid/stable-phone-overlay | DNE |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.
OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.
OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 20 ...
OpenStack Compute (Nova) allows remote attackers to bypass intended restriction
Security update for openstack-nova and openstack-neutron
EPSS
5 Medium
CVSS2