Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack 路径遍历漏洞
Vulnerability Description
OpenStack是美国美国国家航空航天局(NASA)的一个云平台管理项目。 OpenStack Cinder、glance、nova存在安全漏洞,该漏洞源于通过提供一个专门创建的引用特定备份文件路径的VMDK平面图像,经过验证的用户可以说服系统从服务器返回该文件内容的副本,从而导致对潜在敏感数据的未授权访问。
CVSS Information
N/A
Vulnerability Type
N/A