Lucene search

K

GoogleOSV:GHSA-67RH-9P29-VRXR

HistoryMay 14, 2022 - 1:58 a.m.

OpenStack Compute (Nova) allows remote attackers to bypass intended restriction

2022-05-1401:58:45

Google

osv.dev

7

openstack compute

nova

security bypass

restriction

instance running

vulnerability

EPSS

0.005

Percentile

77.2%

OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.

References

rhn.redhat.com/errata/RHSA-2015-2684.html

www.securityfocus.com/bid/76960

access.redhat.com/errata/RHSA-2015:2673

access.redhat.com/errata/RHSA-2015:2684

access.redhat.com/errata/RHSA-2016:0013

access.redhat.com/errata/RHSA-2016:0017

access.redhat.com/security/cve/CVE-2015-7713

bugs.launchpad.net/nova/+bug/1491307

bugs.launchpad.net/nova/+bug/1492961

bugzilla.redhat.com/show_bug.cgi?id=1269119

nvd.nist.gov/vuln/detail/CVE-2015-7713

opendev.org/openstack/nova

security.openstack.org/ossa/OSSA-2015-021.html

web.archive.org/web/20200228024902/www.securityfocus.com/bid/76960

EPSS

0.005

Percentile

77.2%

Related for OSV:GHSA-67RH-9P29-VRXR

redhat4 debiancve1 prion1 ubuntucve1 nvd1 cve1 github1 cvelist1 veracode1 ibm2 nessus1 ubuntu1 openvas1