Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restrictions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack Compute (Nova)输入验证漏洞
Vulnerability Description
OpenStack是由Rackspace和NASA共同开发的云计算平台,帮助服务商和企业内部实现类似于Amazon EC2和S3的云基础架构。 OpenStack Compute (Nova) Folsom (2012.2),Essex (2012.1)和Diablo (2011.3)中的(1)EC2和(2)OS APIs中存在漏洞,该漏洞源于在不正确情况下定义的协议(如‘TCP’而非‘tcp'),会导致之后的字符串比较失效。远程攻击者可利用该漏洞不正确设置“Security Group”,导致“Secu
CVSS Information
N/A
Vulnerability Type
N/A