Lucene search
GoogleOSV:GHSA-Q748-MCWG-XMQVHistoryMay 17, 2022 - 4:04 a.m.
OpenStack Image Service (Glance) allows remote authenticated users to bypass access restrictions
2022-05-1704:04:02
Google
osv.dev
5
0.001 Low
EPSS
Percentile
46.8%
OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.
References
access.redhat.com/errata/RHSA-2015:1897
access.redhat.com/security/cve/CVE-2015-5251
bugs.launchpad.net/bugs/1482371
bugzilla.redhat.com/show_bug.cgi?id=1263511
nvd.nist.gov/vuln/detail/CVE-2015-5251
opendev.org/openstack/glance
rhn.redhat.com/errata/RHSA-2015-1897.html
security.openstack.org/ossa/OSSA-2015-019.html
Related
cvelist
cvelist
CVE-2015-5251
2015-10-26 17:00:00
veracode
veracode
Authorization Bypass
2019-01-15 09:07:54
Denial Of Service
2019-05-02 05:18:59
prion
prion
Design/Logic Flaw
2015-10-26 17:59:00
github
github
cve
cve
CVE-2015-5251
2015-10-26 17:59:06
ubuntucve
ubuntucve
CVE-2015-5251
2015-09-22 00:00:00
debiancve
debiancve
CVE-2015-5251
2015-10-26 17:59:06
nvd
nvd
CVE-2015-5251
2015-10-26 17:59:06
redhat
redhat
(RHSA-2015:1897) Moderate: openstack-glance security update
2015-10-15 12:09:50
ubuntu
ubuntu
OpenStack Glance vulnerabilities
2017-10-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3446-1)
2017-10-12 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : OpenStack Glance vulnerabilities (USN-3446-1)
2017-10-12 00:00:00