CVE-2014-0167 in OpenStack Computeinfo

Zusammenfassung (Englisch)

The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, (3) destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows remote authenticated users to gain privileges via these API requests.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

03.12.2013

Veröffentlichung

15.04.2014

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
69335	OpenStack Compute Privileges erweiterte Rechte	264	Nicht definiert	Offizieller Fix	CVE-2014-0167

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

MITRE
NVD
CVE Details

◂ ZurückÜbersichtWeiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!