QwikSec

Security Database

CVE

CWE

Training

CVE-2020-9543

Published: Mar 12, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.launchpad.net/manila/+bug/1861485

x_refsource_MISC

https://security.openstack.org/ossa/OSSA-2020-002.html

x_refsource_CONFIRM

[oss-security] 20200311 [OSSA-2020-002] Manila: Unprivileged users can retrieve, use and manipulate share networks (CVE-2020-9543)

mailing-list

x_refsource_MLIST

http://www.openwall.com/lists/oss-security/2020/03/12/1

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.