Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The cloudformation-compatible API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 does not properly enforce policy rules, which allows local in-instance users to bypass intended access restrictions and (1) create a stack via the CreateStack method or (2) update a stack via the UpdateStack method.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack Orchestration API 权限许可和访问控制漏洞
Vulnerability Description
OpenStack是美国国家航空航天局(National Aeronautics and Space Administration)和美国Rackspace公司合作研发的一个云平台管理项目。OpenStack Orchestration API(Heat)是其中的一个编排项目,用以连接到Neutron来帮助编排负载均衡和其他网络功能。 OpenStack Orchestration API Havana 2013.2.1之前的版本和Icehouse icehouse-2之前的版本中的cloudformat
CVSS Information
N/A
Vulnerability Type
N/A