Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2015/10/05 7:6 a.m.7 views

Swift: unauthorized deletion of versioned Swift object

A flaw was found in OpenStack Object Storage that could allow an authenticated user to delete the most recent version of a versioned object regardless of ownership. To exploit this flaw, an attacker must know the name of the object and have listing access to the x-versions-location container...

5.5CVSS5.8AI score0.03949EPSS
Exploits0References4
NVD
NVD
added 2015/04/17 5:59 p.m.11 views

CVE-2015-1856

OpenStack Object Storage Swift before 2.3.0, when allowversion is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container...

5.5CVSS6.1AI score0.03949EPSS
Exploits0References11
OSV
OSV
added 2015/04/17 5:59 p.m.3 views

DEBIAN-CVE-2015-1856

OpenStack Object Storage Swift before 2.3.0, when allowversion is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container...

5.5CVSS6.2AI score0.03949EPSS
Exploits0References1
Prion
Prion
added 2015/04/17 5:59 p.m.23 views

Design/Logic Flaw

OpenStack Object Storage Swift before 2.3.0, when allowversion is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container...

5.5CVSS6.6AI score0.03949EPSS
Exploits0References11Affected Software2
CVE
CVE
added 2015/04/17 5:0 p.m.99 views

CVE-2015-1856

Summary: CVE-2015-1856 affects OpenStack Object Storage (Swift) where, if allow_version is configured, an authenticated user who has listing access to the x-versions-location container can delete the latest version of a versioned object. This relies on Swift’s versioned-object handling and access...

5.5CVSS6AI score0.03949EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder