Directory Traversal Vulnerability in OpenStack Compute by OpenStack
CVE-2012-3360

Currently unrated

Key Information:

Vendor

Openstack
Status
Essex
Folsom
Vendor
CVE Published:
22 July 2012

What is CVE-2012-3360?

A directory traversal vulnerability exists in OpenStack Compute (Nova) due to improper handling of path attributes in the virt/disk/api.py file. This flaw allows remote authenticated users to leverage specially crafted requests to write arbitrary files to the disk images utilized by libvirt-based hypervisors. By manipulating the file element's path attribute with traversal sequences, attackers can potentially compromise system integrity and manipulate files, posing risks to the overall security of the cloud environment.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/54277
vdb-entryx_refsource_BID
http://secunia.com/advisories/49763
third-party-advisoryx_refsource_SECUNIA
https://bugs.launchpad.net/nova/+bug/1015531
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.