CVE-2012-4573

Published: Nov 11, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

51174

third-party-advisory

x_refsource_SECUNIA

51234

third-party-advisory

x_refsource_SECUNIA

USN-1626-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2012:1558

vendor-advisory

x_refsource_REDHAT

56437

vdb-entry

x_refsource_BID

https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6

x_refsource_CONFIRM

FEDORA-2012-17901

vendor-advisory

x_refsource_FEDORA

[oss-security] 20121107 [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573)

mailing-list

x_refsource_MLIST

[oss-security] 20121109 [OSSA 2012-017.1] Authentication bypass for image deletion (CVE-2012-4573, CVE-2012-5482) ERRATA 1

mailing-list

x_refsource_MLIST

http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html

x_refsource_MISC

87248

vdb-entry

x_refsource_OSVDB

https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc

x_refsource_CONFIRM

USN-1626-2

vendor-advisory

x_refsource_UBUNTU

https://bugs.launchpad.net/glance/+bug/1065187

x_refsource_CONFIRM

SUSE-SU-2012:1455

vendor-advisory

x_refsource_SUSE

https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d

x_refsource_CONFIRM

openstack-glance-sec-bypass(79895)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-4573

Description

Affected Products

References