CVE-2015-2687

4.7MEDIUM

Key Information

Vendor: Openstack
Status: Compute
Vendor: CVE Published:; 9 August 2017

Summary

OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 9, 2017
Vulnerability Reserved.
Mar 24, 2015

Collectors

NVD DatabaseMitre Database