Image ID Reassignment Vulnerability in HPE Helion Openstack Glance

Image ID Reassignment Vulnerability in HPE Helion Openstack Glance

CVE-2016-4383 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change.

Learn more about our User Device Pen Test.