Authentication Bypass in OpenStack Glance by Rackspace
CVE-2012-4573

Currently unrated

Key Information:

Vendor
Openstack
Vendor
CVE Published:
11 November 2012

Summary

The v1 API of OpenStack Glance allows remote authenticated users to delete arbitrary non-protected images through an unauthorized image deletion request. This vulnerability poses a significant security risk as it permits users to remove images that should be safeguarded against deletion. This behavior is distinct from other vulnerabilities affecting the same platform, highlighting the need for diligent security practices and updates to mitigate the risks associated with misuse.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.