5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.002 Low
EPSS
Percentile
53.9%
The python-glanceclient package provides a client for the OpenStack Glance
API.
It was discovered that the Python Glance client did not properly check
SSL certificates. An attacker could use this flaw to conduct
man-in-the-middle attacks. (CVE-2013-4111)
Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges Thomas Leaman of HP as the original reporter.
All users of python-glanceclient are advised to upgrade to this updated
package, which corrects this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | src | python-glanceclient | < 0.9.0-2.el6ost | python-glanceclient-0.9.0-2.el6ost.src.rpm |
RedHat | 6 | noarch | python-glanceclient | < 0.9.0-2.el6ost | python-glanceclient-0.9.0-2.el6ost.noarch.rpm |