6 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-7200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An SSRF issue was discovered in OpenStack Glance before Newton. The 'copyfrom' feature in the Image Service API v1 allowed an attacker to perform masked network...
RHEL 6 : openstack-glance (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openstack-glance: API v1 copyfrom reveals network details CVE-2017-7200 - A vulnerability was found in...
Security Bulletin: IBM PowerVC is impacted by OpenStack Glance server-side request forgery (CVE-2017-7200)
Summary IBM PowerVC may disclose some sensitive information while creating images with 'copyfrom' feature in the v1 Image Service API. Vulnerability Details CVEID: CVE-2017-7200 DESCRIPTION: OpenStack Glance is vulnerable to server-side request forgery, caused by a flaw in the 'copyfrom' feature ...
CVE-2017-7200
An SSRF issue was discovered in OpenStack Glance before Newton. The 'copyfrom' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to...
CVE-2017-7200
OpenStack Glance before Newton is affected by CVE-2017-7200: an SSRF via the copy_from feature in API v1 lets an attacker create images with a URL like http://localhost:22, enabling masked network port scans and potential internal network enumeration originating from the Glance service. The vulne...
CVE-2017-7200
The copyfrom feature in Image Service API v1 allows an attacker to perform masked network port scans. It is possible to create images with a URL such as 'http://localhost:22'. This could allow an attacker to enumerate internal network details while appearing masked, because the scan appears to...