Directory Traversal Vulnerability in OpenStack Compute by OpenStack
CVE-2012-3360
Currently unrated
Summary
A directory traversal vulnerability exists in OpenStack Compute (Nova) due to improper handling of path attributes in the virt/disk/api.py file. This flaw allows remote authenticated users to leverage specially crafted requests to write arbitrary files to the disk images utilized by libvirt-based hypervisors. By manipulating the file element's path attribute with traversal sequences, attackers can potentially compromise system integrity and manipulate files, posing risks to the overall security of the cloud environment.
References
Timeline
Vulnerability published
Vulnerability Reserved