CVE-2015-2687 – nova

Package

Manager: pip
Name: nova
Vulnerable Version: >=0 <15.0.0.0b1

Severity

Level: Medium

CVSS v3.1: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00051 pctl0.15625

Details

OpenStack Compute (Nova) Improper Access Control OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.

Metadata

Created: 2022-05-17T01:57:43Z
Modified: 2024-11-26T18:21:48Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-97fv-22hc-mrgj/GHSA-97fv-22hc-mrgj.json
CWE IDs: ["CWE-284"]
Alternative ID: GHSA-97fv-22hc-mrgj
Finding: F039
Auto approve: 1