Metadata Constraints Bypass in OpenStack Swift
CVE-2014-7960

Currently unrated

Key Information:

Vendor: Openstack
Status: Swift
Vendor: CVE Published:; 17 October 2014

Summary

The vulnerability in OpenStack Swift prior to version 2.2.0 allows remote authenticated users to bypass the maximum metadata constraints set for objects. By sending multiple carefully crafted requests, attackers can exceed the established limits, posing a risk to the integrity and security of stored data. Organizations using affected versions of OpenStack Swift should prioritize upgrading to mitigate such security threats and maintain robust data protection practices.

References

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

http://www.openwall.com/lists/oss-security/2014/10/08/7

mailing-listx_refsource_MLIST

https://bugs.launchpad.net/swift/+bug/1365350

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 17, 2014
Vulnerability Reserved
Oct 7, 2014