Essex Security Vulnerabilities and Issues — Essex CVE List

Lucene search

OpenstackEssex

4 matches found

CVE•added 2012/07/31 10:45 a.m.•64 views

CVE-2012-3426

OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by (1) creating new tokens through token chaining, (2) leveraging ...

4.9CVSS6.1AI score0.00208EPSS

CVE•added 2012/07/17 9:55 p.m.•61 views

CVE-2012-3371

The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the os:s...

3.5CVSS6.1AI score0.00881EPSS

CVE•added 2012/07/22 4:55 p.m.•59 views

CVE-2012-3361

virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image.

5.5CVSS6.1AI score0.01377EPSS

CVE•added 2012/07/22 4:55 p.m.•51 views

CVE-2012-3360

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot) in the path attribute of a file element.

5.5CVSS6.2AI score0.02565EPSS