) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- CPE Product Version: cpe:/a:openstack:compute:2013.2.3
There are 2 matching records.
Displaying matches 1 through 2.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2015-2687 |
OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for. Published: August 09, 2017; 2:29:01 PM -0400 |
V3.0: 4.7 MEDIUM V2.0: 1.9 LOW |
| CVE-2014-0167 |
The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, (3) destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows remote authenticated users to gain privileges via these API requests. Published: April 15, 2014; 10:55:04 AM -0400 |
V3.x:(not available) V2.0: 6.0 MEDIUM |