Directory Traversal Vulnerability in OpenStack Compute by OpenStack
CVE-2012-3360

Currently unrated

Key Information:

Vendor
Openstack
Vendor
CVE Published:
22 July 2012

Summary

A directory traversal vulnerability exists in OpenStack Compute (Nova) due to improper handling of path attributes in the virt/disk/api.py file. This flaw allows remote authenticated users to leverage specially crafted requests to write arbitrary files to the disk images utilized by libvirt-based hypervisors. By manipulating the file element's path attribute with traversal sequences, attackers can potentially compromise system integrity and manipulate files, posing risks to the overall security of the cloud environment.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.