CVE-2012-2654

NONECVSS 0.0

0.0

The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restrictions.

🔗 References (18)

secalert@redhathttp://secunia.com/advisories/46808
secalert@redhathttp://secunia.com/advisories/49439
secalert@redhathttp://www.ubuntu.com/usn/USN-1466-1
secalert@redhathttps://bugs.launchpad.net/nova/+bug/985184
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/76110
secalert@redhathttps://github.com/openstack/nova/commit/9f9e9da777161426a6f8cb4314b78e09beac2978
secalert@redhathttps://github.com/openstack/nova/commit/ff06c7c885dc94ed7c828e8cdbb8b5d850a7e654
secalert@redhathttps://lists.launchpad.net/openstack/msg12883.html
secalert@redhathttps://review.openstack.org/#/c/8239/
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46808
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/49439
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1466-1
af854a3a-2127-422b-91ae-364da2661108https://bugs.launchpad.net/nova/+bug/985184
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/76110
af854a3a-2127-422b-91ae-364da2661108https://github.com/openstack/nova/commit/9f9e9da777161426a6f8cb4314b78e09beac2978

Is Your Infrastructure Affected by CVE-2012-2654?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-2654

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-2654?