Computer Security
[EN] securityvulns.ru no-pyccku


OpenStack cinder privilege escalation
Published:21.06.2015
Source:
SecurityVulns ID:14548
Type:local
Threat Level:
5/10
Description:Authorized user can access any files.
Affected:OPENSTACK : Cinder 2015.1
CVE:CVE-2015-1851 (OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3292-1] cinder security update (21.06.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod