Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot) in the path attribute of a file element.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack Nova 远程代码注入漏洞
Vulnerability Description
OpenStack Compute(Nova)是用Python编写的云计算构造控制器,属于laaS系统的一部分。 OpenStack Compute (Nova) Folsom (2012.2)和Essex (2012.1)中的virt/disk/api.py中存在目录遍历漏洞。当使用libvirt-based虚拟机管理程序时,远程认证用户可利用该漏洞通过在文件元素内的目录属性中的..(点点)写入任意文件到磁盘影像。
CVSS Information
N/A
Vulnerability Type
N/A