CVE-2012-4406

Published: 22/10/2012 Updated: 29/08/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

OpenStack Object Storage (swift) prior to 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote malicious users to execute arbitrary code via a crafted pickle object.

Vulnerable Product

openstack swift 1.0.0

openstack swift 1.0.1

openstack swift 1.0.2

openstack swift 1.1.0

openstack swift 1.2.0

openstack swift 1.3.0

openstack swift 1.4.0

openstack swift 1.4.1

openstack swift 1.4.2

openstack swift 1.4.3

openstack swift 1.4.4

openstack swift 1.4.5

openstack swift 1.4.6

openstack swift 1.4.7

openstack swift 1.4.8

openstack swift 1.5.0

openstack swift

Vendor Advisories

Synopsis: Important: openstack-swift security update. Type/Severity: Security Advisory: Important. Topic: Updated openstack-swift packages that fix one security issue are now available for Red Hat OpenStack Essex. The Red Hat Security Response Team has rated this update as having important security impact. A Common ...
Debian Bug report logs - #686812 swift: CVE-2012-4406. Package: swift; Maintainer for swift is Debian OpenStack <team+openstack@tracker.debian.org>; Source for swift is src:swift (PTS, buildd, popcon). Reported by: Moritz Muehlenhoff <jmm@inutil.org>. Date: Thu, 6 Sep 2012 07:15:02 UTC. Severity: grave. Tags: security ...
Synopsis: Important: Red Hat Storage 2.0 security, bug fix, and enhancement update #4. Type/Severity: Security Advisory: Important. Topic: Updated Red Hat Storage 2.0 packages that fix multiple security issues, several bugs, and add enhancements are now available. The Red Hat Security Response Team has rated this ...
Multiple security issues were fixed in OpenStack Swift ...