Improper input validation in Openstack Icehouse
CVE-2014-0162
The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary comm…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.006 (68.6th percentile) — read the EPSS interpretation.
Affected products
- Openstack Icehouse — versions rc-1
- Openstack Image_registry_and_delivery_service_\(glance\) — versions 2013.2, 2013.2.1, 2013.2.2
- N/a — versions n/a
Weakness classification (CWE)
References
- USN-2193-1 (x_refsource_UBUNTU, vendor-advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- [oss-security] 20140410 [OSSA 2014-012] Remote code execution in Glance Sheepdog backend (CVE-2014-0162) (mailing-list, x_refsource_MLIST)
- RHSA-2014:0455 (x_refsource_REDHAT, vendor-advisory)