Remote Code Execution Vulnerability in OpenStack Image Registry by Red Hat
CVE-2014-0162

Currently unrated

Key Information:

Vendor
Openstack
Vendor
CVE Published:
27 April 2014

Summary

The Sheepdog backend in the OpenStack Image Registry and Delivery Service (Glance) versions 2013.2 before 2013.2.4 and Icehouse before icehouse-rc2 is susceptible to remote code execution. This issue arises when remote authenticated users, who have the permissions to insert or modify an image, exploit a crafted location to execute arbitrary commands. This vulnerability highlights the importance of ensuring that appropriate access controls and validations are in place to protect against unauthorized command execution.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.