Arbitrary File Read Vulnerability in OpenStack Glance Image Service

Arbitrary File Read Vulnerability in OpenStack Glance Image Service

CVE-2015-5163 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image.

Learn more about our Api Penetration Testing.