Lucene search
Veracode Vulnerability DatabaseVERACODE:11901HistoryJan 15, 2019 - 9:09 a.m.
Arbitrary File Read
2019-01-1509:09:37
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
EPSS
0.001
Percentile
36.1%
openstack-nova is vulnerable to arbitrary file read. A flaw was discovered in the OpenStack Compute (nova) snapshot feature when using the libvirt driver. A compute user could overwrite an attached instance disk with a malicious header specifying a backing file, and then request a snapshot, causing a file from the compute host to be leaked. This flaw only affects LVM or Ceph setups, or setups using filesystem storage with use_cow_images = False.
Related
cvelist
cvelist
CVE-2015-7548
2016-01-12 19:00:00
prion
prion
Stack overflow
2016-01-12 19:59:00
nvd
nvd
CVE-2015-7548
2016-01-12 19:59:06
debiancve
debiancve
CVE-2015-7548
2016-01-12 19:59:06
cve
cve
CVE-2015-7548
2016-01-12 19:59:06
redhat
redhat
(RHSA-2016:0018) Important: openstack-nova security update
2016-01-11 10:15:30
(RHSA-2016:0017) Important: openstack-nova security advisory
2016-01-10 23:07:38
ubuntucve
ubuntucve
CVE-2015-7548
2016-01-12 00:00:00
ibm
ibm
ubuntu
ubuntu
OpenStack Nova vulnerabilities
2017-10-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3449-1)
2017-10-12 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-3449-1)
2017-10-12 00:00:00