CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-7548

OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.6%

CVSS Severity

CVSS v3 Score 3.5

CVSS v2 Score 2.1

References

http://rhn.redhat.com/errata/RHSA-2016-0018.html
http://www.securityfocus.com/bid/80176
https://security.openstack.org/ossa/OSSA-2016-001.html
http://rhn.redhat.com/errata/RHSA-2016-0018.html
http://www.securityfocus.com/bid/80176
https://security.openstack.org/ossa/OSSA-2016-001.html

Products affected by CVE-2015-7548

Openstack » Nova » Version: 12.0.0

cpe:2.3:a:openstack:nova:12.0.0
Openstack » Nova » Version: 2015.1.0

cpe:2.3:a:openstack:nova:2015.1.0
Openstack » Nova » Version: 2015.1.1

cpe:2.3:a:openstack:nova:2015.1.1
Openstack » Nova » Version: 2015.1.2

cpe:2.3:a:openstack:nova:2015.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7548

Products

Pricing

Contact Us