Remote Code Execution Vulnerability in OpenStack Image Registry by Red Hat
CVE-2014-0162

Currently unrated

Key Information:

Vendor

Openstack
Status
Image Registry And Delivery Service \(glance\)
Icehouse
Vendor
CVE Published:
27 April 2014

What is CVE-2014-0162?

The Sheepdog backend in the OpenStack Image Registry and Delivery Service (Glance) versions 2013.2 before 2013.2.4 and Icehouse before icehouse-rc2 is susceptible to remote code execution. This issue arises when remote authenticated users, who have the permissions to insert or modify an image, exploit a crafted location to execute arbitrary commands. This vulnerability highlights the importance of ensuring that appropriate access controls and validations are in place to protect against unauthorized command execution.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.ubuntu.com/usn/USN-2193-1
vendor-advisoryx_refsource_UBUNTU
https://launchpad.net/bugs/1298698
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2014/04/10/13
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.