2 matches found
CVE-2013-2256
OpenStack Compute Nova before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:ispublic property, which allows remote authenticated users to obtain sensitive information flavor properties, boot arbitrary flavors, and possibly have other unspecified impacts by...
CVE-2013-4278
CVE-2013-4278 refers to a vulnerability in OpenStack Compute (Nova) where the flavor access control check (os-flavor-access:is_public) is not properly enforced. This allows remote authenticated users to boot arbitrary flavors by guessing flavor IDs, stemming from an incomplete fix for CVE-2013-22...