Arbitrary File Read Vulnerability in OpenStack Glance Image Service
CVE-2015-5163 · LOW Severity
AV:N/AC:M/AU:S/C:P/I:N/A:N
The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image.
Learn more about our Api Penetration Testing.