OpenStack Glance Image Service Remote Status Change Vulnerability

OpenStack Glance Image Service Remote Status Change Vulnerability

CVE-2015-5251 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:P

OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow remote authenticated users to change the status of their images and bypass access restrictions via the HTTP x-image-meta-status header to images/*.

Learn more about our User Device Pen Test.