The instance rescue mode in OpenStack Compute (Nova) 2013.2 prior to 2013.2.3 and Icehouse prior to 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack compute 2013.2 |
||
openstack compute 2013.2.1 |
||
openstack compute 2013.2.2 |