GoogleOSV:GHSA-7H75-HWXX-QPGCOpenStack Cinder, glance, and Nova vulnerable to Path Traversal
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
EPSS
Percentile
66.0%
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file’s contents from the server, resulting in unauthorized access to potentially sensitive data.
References
launchpad.net/bugs/1996188
lists.debian.org/debian-lts-announce/2023/01/msg00040.html
lists.debian.org/debian-lts-announce/2023/01/msg00041.html
lists.debian.org/debian-lts-announce/2023/01/msg00042.html
nvd.nist.gov/vuln/detail/CVE-2022-47951
security.openstack.org/ossa/OSSA-2023-002.html
www.debian.org/security/2023/dsa-5336
www.debian.org/security/2023/dsa-5337
www.debian.org/security/2023/dsa-5338
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
EPSS
Percentile
66.0%