7747 matches found
CVE-2015-7713
OpenStack Compute Nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made...
CVE-2015-7713
OpenStack Compute Nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made...
CVE-2015-7713
OpenStack Compute Nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made...
PT-2015-7591 · Openstack +1 · Openstack Compute +1
Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions prior to 2014.2.4 juno OpenStack Compute Nova versions 2015.1.x prior to 2015.1.2 kilo Description: The issue allows remote attackers to bypass intended restrictions by leveraging an instance that was running...
OpenStack Nova Unauthorized Operation Vulnerability
OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration and Rackspace, Inc. in the U.S. OpenStack Nova is one of the cloud computing construct controllers written in Python. It is part of the IaaS system. A security vulnerability exists in...
UBUNTU-CVE-2015-7713
OpenStack Compute Nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made...
Multiple Vulnerabilities in OpenStack Image Service
OpenStack is a cloud platform management project developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. Image Service Glance is one of the projects that can store, query, and retrieve virtual machine Image Service Glance is one of the...
OpenStack Image Service Access Restriction Bypass Vulnerability
OpenStack is a cloud platform management project developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. Image Service Glance is one of the projects that can store, query, and retrieve virtual machine Image Service Glance is one of the...
Multiple Vulnerabilities in OpenStack Object Storage
OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration in collaboration with Rackspace in the U.S. OpenStack Object Storage a.k.a. Swift is one of these programs used to storage project for storing permanent static data. A security...
DEBIAN-CVE-2015-5240
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...
CVE-2015-5240
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...
CVE-2015-5240
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...
Race condition
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...
CVE-2015-5240
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...
CVE-2015-5240
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...
CVE-2015-5240
CVE-2015-5240 is a race-condition flaw in OpenStack Neutron prior to 2014.2.4 and 2015.1 prior to 2015.1.2 that affects the ML2 plugin or the security groups AMQP API. An authenticated user could bypass IP anti-spoofing/firewall checks by changing the owner of a port to start with network: after ...
CVE-2015-5240
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...
CVE-2015-5286
OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...
CVE-2015-5286
OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...
CVE-2015-5251
OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/...