File Access Vulnerability in OpenStack Compute by Red Hat
CVE-2015-7548
3.5LOW
Summary
A vulnerability in OpenStack Compute (Nova) prior to version 2015.1.3 and 12.0.x before 12.0.1, when using libvirt for instance spawning with the use_cow_images option set to false, can allow remote authenticated users to overwrite instance disks with maliciously crafted images. This exploitation leads to unauthorized access, enabling attackers to retrieve arbitrary files from the affected instance. It is crucial for users to apply the necessary updates to safeguard their system against potential breaches.
References
CVSS V3.1
Score:
3.5
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved