CVE-2015-5251
N/A
N/A
Summary
OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://security.openstack.org/ossa/OSSA-2015-019.html
- https://bugs.launchpad.net/bugs/1482371
- http://rhn.redhat.com/errata/RHSA-2015-1897.html
References
- https://security.openstack.org/ossa/OSSA-2015-019.html
- https://bugs.launchpad.net/bugs/1482371
- http://rhn.redhat.com/errata/RHSA-2015-1897.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.