Remote Authentication Bypass in OpenStack Glance by OpenStack
CVE-2012-5482

Currently unrated

Key Information:

Vendor
Openstack
Vendor
CVE Published:
11 November 2012

Summary

A security flaw in the v2 API of OpenStack Glance allows remote authenticated users to delete arbitrary non-protected images. This vulnerability arises from an incomplete fix for a prior issue, CVE-2012-4573. As a result, proper protections are not enforced for image deletion requests, which poses a risk for data integrity and security within the OpenStack ecosystem.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.