Symlink Attack Vulnerability in OpenStack Compute by OpenStack
CVE-2012-3361

Currently unrated

Key Information:

Vendor
Openstack
Vendor
CVE Published:
22 July 2012

Summary

The vulnerability in OpenStack Compute (Nova) allows authenticated users to exploit symlink attacks, resulting in the potential overwriting of arbitrary files in an image. This issue stems from the inadequacy in file handling within virt/disk/api.py, affecting multiple versions such as Folsom, Essex, and Diablo.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.