Design/Logic Flaw

OpenStack Orchestration API Heat 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list...

CVE-2014-3801

OpenStack Orchestration API Heat 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list...

CVE-2014-3801

OpenStack Heat (Orchestration) vulnerability CVE-2014-3801 affects Heat 2013.2 through 2013.2.3 and 2014.1, where creating a stack for a template using a provider template could let remote authenticated users obtain the provider template URL via the resource-type-list. The Red Hat advisory RHSA-2...

CVE-2014-3801

OpenStack Orchestration API Heat 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list...

UBUNTU-CVE-2014-3801

OpenStack Orchestration API Heat 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list...

CVE-2014-3801

OpenStack Orchestration API Heat 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list...

Fedora Update for openstack-glance FEDORA-2014-5198

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-4471

The Identity v3 API in OpenStack Dashboard Horizon before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user...

CVE-2013-4471

The Identity v3 API in OpenStack Dashboard Horizon before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user...

DEBIAN-CVE-2013-4471

The Identity v3 API in OpenStack Dashboard Horizon before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user...

Design/Logic Flaw

The Identity v3 API in OpenStack Dashboard Horizon before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user...

CVE-2013-4471

The Identity v3 API in OpenStack Dashboard Horizon before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user...

CVE-2013-4471

CVE-2013-4471 concerns the Identity v3 API in OpenStack Dashboard (Horizon) prior to 2013.2, where the password-change flow does not require the current password, allowing an attacker with a valid authentication token to change a user’s password. Affected component: Horizon’s Identity v3 password...

CVE-2013-4471

The Identity v3 API in OpenStack Dashboard Horizon before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user...

CVE-2013-4471

The Identity v3 API in OpenStack Dashboard Horizon before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user...

[SECURITY] Fedora 20 Update: openstack-glance-2013.2.3-3.fc20

OpenStack Image Service code-named Glance provides discovery, registratio n, and delivery services for virtual disk images. The Image Service API server provides a standard REST interface for querying information about virtual d isk images stored in a variety of back-end stores, including OpenSta...

Fedora 20 : openstack-glance-2013.2.3-3.fc20 (2014-5198)

OpenStack Security Advisory: 2014-012 CVE: CVE-2014-0162 Date: April 10, 2014 Title: Remote code execution in Glance Sheepdog backend Reporter: Paul McMillan Nebula Products: Glance Versions: from 2013.2 to 2013.2.3 Description: Paul McMillan from Nebula reported a vulnerability in Glance Sheepdo...

Ubuntu: Security Advisory (USN-2206-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2208-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for quantum USN-2208-2

Check for the Version of quantum OpenVAS Vulnerability Test $Id: gbubuntuUSN22082.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for quantum USN-2208-2 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...