Arbitrary Image Deletion Vulnerability in OpenStack Glance API

Arbitrary Image Deletion Vulnerability in OpenStack Glance API

CVE-2012-5482 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:P

The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573.

Learn more about our Api Penetration Testing.