CVE-2015-1195

NONECVSS 0.0

0.0

The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a filesystem: URL in the image location property. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9493.

🔗 References (14)

cve@mitrehttp://lists.openstack.org/pipermail/openstack-announce/2015-January/000325.html
cve@mitrehttp://secunia.com/advisories/62169
cve@mitrehttp://www.openwall.com/lists/oss-security/2015/01/15/2
cve@mitrehttp://www.openwall.com/lists/oss-security/2015/01/18/5
cve@mitrehttp://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
cve@mitrehttp://www.securityfocus.com/bid/71976
cve@mitrehttps://bugs.launchpad.net/ossa/+bug/1408663
af854a3a-2127-422b-91ae-364da2661108http://lists.openstack.org/pipermail/openstack-announce/2015-January/000325.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62169
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2015/01/15/2
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2015/01/18/5
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/71976
af854a3a-2127-422b-91ae-364da2661108https://bugs.launchpad.net/ossa/+bug/1408663

Is Your Infrastructure Affected by CVE-2015-1195?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2015-1195

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2015-1195?