Remote Code Execution Vulnerability in OpenStack Image Registry by Red Hat
CVE-2014-0162
Currently unrated
Key Information:
- Vendor
- Openstack
- Vendor
- CVE Published:
- 27 April 2014
Summary
The Sheepdog backend in the OpenStack Image Registry and Delivery Service (Glance) versions 2013.2 before 2013.2.4 and Icehouse before icehouse-rc2 is susceptible to remote code execution. This issue arises when remote authenticated users, who have the permissions to insert or modify an image, exploit a crafted location to execute arbitrary commands. This vulnerability highlights the importance of ensuring that appropriate access controls and validations are in place to protect against unauthorized command execution.
References
Timeline
Vulnerability published
Vulnerability Reserved