Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack 安全漏洞
Vulnerability Description
OpenStack是美国美国国家航空航天局(NASA)的一个云平台管理项目。Swift是其中的一个用于存储永久静态数据的存储项目。 OpenStack 存在安全漏洞,该漏洞源于通过提供特制的 XML 文件,经过身份验证的用户可能会强制 S3 API 从主机服务器返回任意文件内容,从而导致对潜在敏感数据的未授权读取访问。
CVSS Information
N/A
Vulnerability Type
N/A