Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-9493HistoryJan 07, 2015 - 7:59 p.m.
CVE-2014-9493
2015-01-0719:59:02
Debian Security Bug Tracker
security-tracker.debian.org
15
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:N/A:P
EPSS
0.004
Percentile
73.8%
The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | glance | < 2014.1.3-6 | glance_2014.1.3-6_all.deb |
| Debian | 11 | all | glance | < 2014.1.3-6 | glance_2014.1.3-6_all.deb |
| Debian | 999 | all | glance | < 2014.1.3-6 | glance_2014.1.3-6_all.deb |
| Debian | 13 | all | glance | < 2014.1.3-6 | glance_2014.1.3-6_all.deb |
Related
veracode
veracode
Arbitrary File Read
2019-01-15 09:04:41
redhat
redhat
(RHSA-2015:0246) Important: openstack-glance security update
2015-02-19 00:00:00
cve
cve
CVE-2014-9493
2015-01-07 19:59:02
CVE-2015-1195
2015-01-21 18:59:56
prion
prion
Design/Logic Flaw
2015-01-07 19:59:00
Design/Logic Flaw
2015-01-21 18:59:00
nvd
nvd
CVE-2014-9493
2015-01-07 19:59:02
CVE-2015-1195
2015-01-21 18:59:56
cvelist
cvelist
CVE-2014-9493
2015-01-07 19:00:00
CVE-2015-1195
2015-01-21 18:00:00
debiancve
debiancve
CVE-2015-1195
2015-01-21 18:59:56
github
github
ubuntucve
ubuntucve
CVE-2014-9493
2015-01-07 00:00:00
CVE-2015-1195
2015-01-21 00:00:00
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:N/A:P
EPSS
0.004
Percentile
73.8%
Related for DEBIANCVE:CVE-2014-9493