CVE-2014-0162

The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:icehouse:rc-1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-04-27 20:55

Updated : 2024-02-28 12:20


NVD link : CVE-2014-0162

Mitre link : CVE-2014-0162

CVE.ORG link : CVE-2014-0162


JSON object : View

Products Affected

openstack

  • image_registry_and_delivery_service_\(glance\)
  • icehouse
CWE
CWE-20

Improper Input Validation