OpenStack Image Registry Vulnerability in Glance Affects Multiple Tenants
CVE-2013-4354

Currently unrated

Key Information:

Vendor

Openstack
Status
Image Registry And Delivery Service \(glance\)
Vendor
CVE Published:
23 November 2013

What is CVE-2013-4354?

A vulnerability exists in the OpenStack Image Registry and Delivery Service (Glance) prior to version 2.1 that permits local users to inject images into arbitrary tenant accounts. This occurs due to the software allowing the addition of a tenant as a member of any image, thereby compromising the data integrity and confidentiality of the tenant's images.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2013/09/19/3
mailing-listx_refsource_MLIST
https://bugs.launchpad.net/glance/+bug/1226078
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2013/09/19/2
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.