Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack 权限许可和访问控制问题漏洞
Vulnerability Description
OpenStack是美国美国国家航空航天局(NASA)的一个云平台管理项目。 OpenStack 2013.1.2及之前的版本存在权限许可和访问控制问题漏洞,该漏洞源于程序没有正确执行os-flavor-access:is_public属性。远程经过授权的攻击者可通过猜测flavor id(虚拟硬件模板,Virtual hardware templates)利用该漏洞获得敏感信息(flavor属性),启动任意虚拟硬件模板,也可能产生其他影响。
CVSS Information
N/A
Vulnerability Type
N/A