6.5 Medium
AI Score
Confidence
High
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.004 Low
EPSS
Percentile
73.2%
Rajaneesh Singh discovered Swift does not properly enforce metadata
limits. An attacker could abuse this issue to store more metadata than
allowed by policy. (CVE-2014-7960)
Clay Gerrard discovered Swift allowed users to delete the latest version
of object regardless of object permissions when allow_version is
configured. An attacker could use this issue to delete objects.
(CVE-2015-1856)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 15.04 | noarch | swift | < 2.2.2-0ubuntu1.3 | UNKNOWN |
Ubuntu | 15.04 | noarch | python-swift | < 2.2.2-0ubuntu1.3 | UNKNOWN |
Ubuntu | 15.04 | noarch | swift-account | < 2.2.2-0ubuntu1.3 | UNKNOWN |
Ubuntu | 15.04 | noarch | swift-container | < 2.2.2-0ubuntu1.3 | UNKNOWN |
Ubuntu | 15.04 | noarch | swift-doc | < 2.2.2-0ubuntu1.3 | UNKNOWN |
Ubuntu | 15.04 | noarch | swift-object | < 2.2.2-0ubuntu1.3 | UNKNOWN |
Ubuntu | 15.04 | noarch | swift-object-expirer | < 2.2.2-0ubuntu1.3 | UNKNOWN |
Ubuntu | 15.04 | noarch | swift-proxy | < 2.2.2-0ubuntu1.3 | UNKNOWN |
Ubuntu | 14.04 | noarch | swift | < 1.13.1-0ubuntu1.2 | UNKNOWN |
Ubuntu | 14.04 | noarch | python-swift | < 1.13.1-0ubuntu1.2 | UNKNOWN |