Information Disclosure via Cross-Container Object Reference in OpenStack Swift

Information Disclosure via Cross-Container Object Reference in OpenStack Swift

CVE-2015-5223 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

OpenStack Object Storage (Swift) before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container.

Learn more about our Web Application Penetration Testing UK.