Arbitrary File Read

2019-01-1509:09:37

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

3.5 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N

2.1 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:N/A:N

JSON

openstack-nova is vulnerable to arbitrary file read. A flaw was discovered in the OpenStack Compute (nova) snapshot feature when using the libvirt driver. A compute user could overwrite an attached instance disk with a malicious header specifying a backing file, and then request a snapshot, causing a file from the compute host to be leaked. This flaw only affects LVM or Ceph setups, or setups using filesystem storage with use_cow_images = False.

CPENameOperatorVersion
openstack-novaeq2013.2.4__2.el6ost
openstack-novaeq15.1.5__1.el7
openstack-novaeq2013.2__10.el6ost
openstack-novaeq16.1.4__2.el7
openstack-novaeq2014.1.5__5.el7ost
openstack-novaeq2015.1.0__17.el7ost
openstack-novaeq2014.1.4__5.el7ost
openstack-novaeq2013.1.1__2.el6ost
openstack-novaeq2014.1.1__3.el6ost
openstack-novaeq2014.2.3__29.el7ost

Name	Operator	Version
openstack-nova	eq	2013.2.4__2.el6ost
openstack-nova	eq	15.1.5__1.el7
openstack-nova	eq	2013.2__10.el6ost
openstack-nova	eq	16.1.4__2.el7
openstack-nova	eq	2014.1.5__5.el7ost
openstack-nova	eq	2015.1.0__17.el7ost
openstack-nova	eq	2014.1.4__5.el7ost
openstack-nova	eq	2013.1.1__2.el6ost
openstack-nova	eq	2014.1.1__3.el6ost
openstack-nova	eq	2014.2.3__29.el7ost