CVE-2014-3641

The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:cinder:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:cinder:2014.1.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-10-08 19:55

Updated : 2024-02-28 12:20


NVD link : CVE-2014-3641

Mitre link : CVE-2014-3641

CVE.ORG link : CVE-2014-3641


JSON object : View

Products Affected

openstack

  • cinder
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor