CVE-2015-2687 Information

Feb 14, 2021 cve

Description

OpenStack Compute (nova) Icehouse Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

http://www.openwall.com/lists/oss-security/2015/03/24/10 http://www.openwall.com/lists/oss-security/2015/03/25/3 http://www.securityfocus.com/bid/77505 https://bugs.launchpad.net/nova/+bug/1419577 https://bugzilla.redhat.com/show_bug.cgi?id=1205313 https://review.openstack.org//c/338929/

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

4.7

Share on: