Download
| Alert*
|
oval:org.secpod.oval:def:602148
Bastian Blank from credativ discovered that cinder, a storage-as-a-service system for the OpenStack cloud computing suite, contained a bug that would allow an authenticated user to read any file from the cinder server. oval:org.secpod.oval:def:109345 OpenStack Volume provides services to manage and access block storage volumes for use by Virtual Machine instances. oval:org.secpod.oval:def:702700 cinder: OpenStack storage service Cinder could be made to access unintended files over the network by an authenticated user. |
