Lucene search
Ubuntu.comUB:CVE-2015-5251HistorySep 22, 2015 - 12:00 a.m.
CVE-2015-5251
2015-09-2200:00:00
ubuntu.com
ubuntu.com
6
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.001 Low
EPSS
Percentile
46.1%
OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before
2015.1.2 (kilo) allow remote authenticated users to change the status of
their images and bypass access restrictions via the HTTP
x-image-meta-status header to images/*.
Bugs
Notes
| Author | Note |
|---|---|
| tyhicks | 12.04 likely needs the ACTIVE_IMMUTABLE check, as well. |
Related
osv
osv
cvelist
cvelist
CVE-2015-5251
2015-10-26 17:00:00
debiancve
debiancve
CVE-2015-5251
2015-10-26 17:59:00
prion
prion
Design/Logic Flaw
2015-10-26 17:59:00
veracode
veracode
Authorization Bypass
2019-01-15 09:07:54
Denial Of Service
2019-05-02 05:18:59
cve
cve
CVE-2015-5251
2015-10-26 17:59:00
github
github
redhat
redhat
(RHSA-2015:1897) Moderate: openstack-glance security update
2015-10-15 12:09:50
ubuntu
ubuntu
OpenStack Glance vulnerabilities
2017-10-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3446-1)
2017-10-12 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : OpenStack Glance vulnerabilities (USN-3446-1)
2017-10-12 00:00:00
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.001 Low
EPSS
Percentile
46.1%
Related for UB:CVE-2015-5251