Lucene search

K
nvd[email protected]NVD:CVE-2014-0162
HistoryApr 27, 2014 - 8:55 p.m.

CVE-2014-0162

2014-04-2720:55:23
CWE-20
web.nvd.nist.gov

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.9%

The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location.

Affected configurations

NVD
Node
openstackicehouseMatchrc-1
OR
openstackimage_registry_and_delivery_service_\(glance\)Match2013.2
OR
openstackimage_registry_and_delivery_service_\(glance\)Match2013.2.1
OR
openstackimage_registry_and_delivery_service_\(glance\)Match2013.2.2
OR
openstackimage_registry_and_delivery_service_\(glance\)Match2013.2.3

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.9%