Lucene search
GoogleOSV:GHSA-5XRJ-GHHP-HX7PHistoryMay 17, 2022 - 3:43 a.m.
OpenStack Image Service (Glance) vulnerable to Improper Access Control
2022-05-1703:43:30
Google
osv.dev
6
openstack
glance
improper access control
vulnerability
OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image.
References
access.redhat.com/errata/RHSA-2016:0309
access.redhat.com/errata/RHSA-2016:0352
access.redhat.com/errata/RHSA-2016:0354
access.redhat.com/errata/RHSA-2016:0358
access.redhat.com/security/cve/CVE-2016-0757
bugzilla.redhat.com/show_bug.cgi?id=1302607
nvd.nist.gov/vuln/detail/CVE-2016-0757
opendev.org/openstack/glance
rhn.redhat.com/errata/RHSA-2016-0309.html
security.openstack.org/ossa/OSSA-2016-006.html
web.archive.org/web/20210123081823/https://www.securityfocus.com/bid/82696
Related
github
github
OpenStack Image Service (Glance) vulnerable to Improper Access Control
2022-05-17 03:43:30
redhat
redhat
(RHSA-2016:0354) Low: openstack-glance security update
2016-03-03 19:25:27
(RHSA-2016:0358) Low: openstack-glance security update
2016-03-07 00:53:21
(RHSA-2016:0309) Low: openstack-glance security update
2016-02-29 04:59:19
prion
prion
Design/Logic Flaw
2016-04-13 17:59:00
cve
cve
CVE-2016-0757
2016-04-13 17:59:09
veracode
veracode
Authorization Bypass
2019-01-15 09:10:16
ubuntucve
ubuntucve
CVE-2016-0757
2016-04-13 00:00:00
cvelist
cvelist
CVE-2016-0757
2016-04-13 17:00:00
nvd
nvd
CVE-2016-0757
2016-04-13 17:59:09
debiancve
debiancve
CVE-2016-0757
2016-04-13 17:59:09
osv
osv
nessus
nessus
Ubuntu 14.04 LTS : OpenStack Glance vulnerabilities (USN-3446-1)
2017-10-12 00:00:00
ubuntu
ubuntu
OpenStack Glance vulnerabilities
2017-10-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3446-1)
2017-10-12 00:00:00