7818 matches found

Veracode
added 2019/01/15 9:11 a.m. | 25 views

Cross-site Scripting (XSS)

python-django-horizon is vulnerable to cross-site scripting (XSS). A DOM-based, cross-site scripting vulnerability was found in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a...

CVSS 5.4 | AI score 4.9 | EPSS 0.02075
Exploits 0 | References 15 | Affected Software 1

Veracode
added 2019/01/15 9:10 a.m. | 24 views

Arbitrary File Read

openstack-nova is vulnerable to arbitrary file read attacks. The vulnerability exists as the libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary...

CVSS 5.3 | AI score 5.3 | EPSS 0.02091
Exploits 0 | References 13 | Affected Software 1

Veracode
added 2019/01/15 9:10 a.m. | 22 views

Authorization Bypass

openstack-glance is vulnerable to authorization bypass. An authorization vulnerability allowed image-status manipulation using locations. By removing the last location of an image, an authenticated user could change the status from 'active' to 'queue'. A malicious tenant could exploit this flaw t...

CVSS 4.3 | AI score 4.7 | EPSS 0.01466
Exploits 0 | References 11 | Affected Software 1

Veracode
added 2019/01/15 9:10 a.m. | 21 views

Denial Of Service (DoS)

openstack-heat is vulnerable to denial of service (DoS) attacks. The vulnerability exists as the template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption or...

CVSS 5.4 | AI score 5 | EPSS 0.02928
Exploits 0 | References 27 | Affected Software 1

Veracode
added 2019/01/15 9:10 a.m. | 26 views

Denial Of Service (DoS)

openstack-swift is vulnerable to denial of service. A memory-leak issue was found in OpenStack Object Storage (swift), in the client-to-proxy connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption...

CVSS 7.5 | AI score 7 | EPSS 0.03788
Exploits 0 | References 19 | Affected Software 1

Veracode
added 2019/01/15 9:9 a.m. | 25 views

Arbitrary File Read

openstack-nova is vulnerable to arbitrary file read. A flaw was discovered in the OpenStack Compute (nova) snapshot feature when using the libvirt driver. A compute user could overwrite an attached instance disk with a malicious header specifying a backing file, and then request a snapshot, causing...

CVSS 3.5 | AI score 4.6 | EPSS 0.01803
Exploits 0 | References 2 | Affected Software 1

Veracode
added 2019/01/15 9:9 a.m. | 22 views

Authorization Bypass

openstack-nova is vulnerable to authorization bypass. A vulnerability was discovered in the way OpenStack Compute (nova) networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances...

CVSS 5 | AI score 5.7 | EPSS 0.0367
Exploits 0 | References 14 | Affected Software 2

Veracode
added 2019/01/15 9:9 a.m. | 18 views

Spoofing Metadata Requests

tripleo-heat-templates is vulnerable to spoofing of metadata requests. It is due to having the bad default setting of a blank value for the NeutronMetadataProxySharedSecret parameter when it is deployed from the command line interface. Not setting the value to this parameter means Neutron does no...

CVSS 7.5 | AI score 7.4 | EPSS 0.01651
Exploits 0 | References 29 | Affected Software 2

Veracode
added 2019/01/15 9:8 a.m. | 21 views

Arbitrary Code Execution

openstack-ironic-discoverd is vulnerable to arbitrary code execution. It was discovered that enabling debug mode in openstack-ironic-discoverd also enables debug mode in the underlying Flask framework. If errors are encountered while Flask is in debug mode, a user experiencing an error may be abl...

CVSS 6.8 | AI score 7 | EPSS 0.01585
Exploits 0 | References 13 | Affected Software 1

Veracode
added 2019/01/15 9:7 a.m. | 24 views

Anti-Spoofing Controls Bypass

openstack-neutron is vulnerable to anti-spoofing controls bypass. Authenticated users using the ML2 plugin or the security groups AMQP API are able to set the device_owner field to an arbitrary value starting with network: on networks they do not own. Setting the affected field before the security...

CVSS 3.5 | AI score 6.1 | EPSS 0.00963
Exploits 0 | References 11 | Affected Software 1

Veracode
added 2019/01/15 9:7 a.m. | 23 views

Authorization Bypass

openstack-glance is vulnerable to authorization bypass. A flaw was discovered in the OpenStack Image service where a tenant could manipulate the status of their images by submitting an HTTP PUT request together with an 'x-image-meta-status' header. A malicious tenant could exploit this flaw to...

CVSS 5.5 | AI score 4.8 | EPSS 0.02035
Exploits 0 | References 8 | Affected Software 1

Veracode
added 2019/01/15 9:7 a.m. | 26 views

Information Disclosure

openstack-swift is vulnerable to information disclosure attacks. The vulnerability exists as OpenStack Object Storage (Swift) before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container...

CVSS 5 | AI score 6.7 | EPSS 0.02534
Exploits 0 | References 11 | Affected Software 1

Veracode
added 2019/01/15 9:7 a.m. | 23 views

Authorization Bypass

gluster-swift is vulnerable to authorization bypass. A flaw was found in the metadata constraints in Red Hat Gluster Storage's OpenStack Object Storage (swiftonfile). By adding metadata in several separate calls, a malicious user could bypass the max_meta_count constraint, and store more metadata tha...

CVSS 6.5 | AI score 6.2 | EPSS 0.03949
Exploits 0 | References 6 | Affected Software 10

Veracode
added 2019/01/15 9:7 a.m. | 22 views

Denial Of Service (DoS)

openstack-nova is vulnerable to denial of service (DoS) attacks. The vulnerability exists as OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service...

CVSS 6.8 | AI score 6.9 | EPSS 0.03451
Exploits 0 | References 12 | Affected Software 1

Veracode
added 2019/01/15 9:7 a.m. | 21 views

Denial Of Service (DoS)

openstack-neutron is vulnerable to denial of service (DoS) attacks. The vulnerability exists as OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding ...

CVSS 4 | AI score 5.6 | EPSS 0.11342
Exploits 0 | References 12 | Affected Software 1

Veracode
added 2019/01/15 9:7 a.m. | 19 views

Cross-site Scripting (XSS)

python-django-horizon is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists as the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the descriptio...

CVSS 4.3 | AI score 5.1 | EPSS 0.02758
Exploits 1 | References 12 | Affected Software 1

Veracode
added 2019/01/15 9:7 a.m. | 26 views

Authorization Bypass

openstack-swift is vulnerable to authorization bypass attacks. The vulnerability exists as OpenStack Object Storage (Swift) before 2.3.0, when allowversion is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the...

CVSS 5.5 | AI score 6.1 | EPSS 0.03949
Exploits 0 | References 13 | Affected Software 24

Veracode
added 2019/01/15 9:7 a.m. | 24 views

Arbitrary File Read

openstack-glance is vulnerable to arbitrary file read. A flaw was found in the OpenStack Image Service (glance) import task action. When processing a malicious qcow2 header, glance could be tricked into reading an arbitrary file from the glance host. Only setups using the glance V2 API are affected...

CVSS 3.5 | AI score 6 | EPSS 0.01499
Exploits 0 | References 9 | Affected Software 1

Veracode
added 2019/01/15 9:5 a.m. | 18 views

Denial Of Service (DoS)

openstack-glance is vulnerable to denial of service (DoS) attacks. The vulnerability exists as OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by...

CVSS 4 | AI score 5.5 | EPSS 0.02101
Exploits 2 | References 8 | Affected Software 2

Veracode
added 2019/01/15 9:5 a.m. | 23 views

Denial Of Service (DoS)

openstack-nova is vulnerable to denial of service. The VM instances performed look-ups based on an IP address filter that is not properly processed, allowing an attacker with sufficient privileges in the OpenStack installation with a large amount of VMs to cause excessive CPU consumption in the...

CVSS 4 | AI score 5.7 | EPSS 0.02783
Exploits 1 | References 16 | Affected Software 1