Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack Nova 不安全临时目录创建漏洞
Vulnerability Description
OpenStack是美国国家航空航天局(National Aeronautics and Space Administration)和美国Rackspace公司合作研发的一个云平台管理项目。OpenStack Nova是其中的一个用Python编写的云计算构造控制器,属于IaaS系统的一部分。 OpenStack Nova Folsom、Grizzly、Havana中的keystone/middleware/auth_token.py文件中存在安全漏洞,该漏洞源于程序使用不安全的临时目录存储签名证书。本地
CVSS Information
N/A
Vulnerability Type
N/A