Authentication Bypass in OpenStack Glance by Rackspace
CVE-2012-4573
Currently unrated
Key Information:
- Vendor
- Openstack
- Vendor
- CVE Published:
- 11 November 2012
Summary
The v1 API of OpenStack Glance allows remote authenticated users to delete arbitrary non-protected images through an unauthorized image deletion request. This vulnerability poses a significant security risk as it permits users to remove images that should be safeguarded against deletion. This behavior is distinct from other vulnerabilities affecting the same platform, highlighting the need for diligent security practices and updates to mitigate the risks associated with misuse.
References
Timeline
Vulnerability published
Vulnerability Reserved