1 results (0.002 seconds)
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0757 – openstack-glance: Glance image status manipulation through locations
https://notcve.org/view.php?id=CVE-2016-0757
29 Feb 2016 — OpenStack Image Service (Glance) before 2015.1.3 (kilo) and 11.0.x before 11.0.2 (liberty), when show_multiple_locations is enabled, allow remote authenticated users to change image status and upload new image data by removing the last location of an image. OpenStack Image Service (Glance) en versiones anteriores a 2015.1.3 (kilo) y 11.0.x en versiones anteriores a 11.0.2 (liberty), cuando show_multiple_locations está habilitado, permiten a usuarios remotos autenticados cambiar el estado de imagen y cargar ... • http://rhn.redhat.com/errata/RHSA-2016-0309.html • CWE-284: Improper Access Control CWE-285: Improper Authorization •