What is CVE-2015-7548?

CVE-2015-7548 is a low-severity vulnerability in Openstack Nova, classified under Information Disclosure. CVSS score: 3.5/10. Published 2016-01-12.

How severe is CVE-2015-7548?

Low severity. CVSS v3 base score is 3.5 out of 10.

Information disclosure in Openstack Nova

CVE-2015-7548

OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instan…

Vulnerability class: Information Disclosure

EPSS: 0.002 (38.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.5 (Low). Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N.

Affected products

Openstack Nova
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

80176 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
RHSA-2016:0018 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2015-7548?: CVE-2015-7548 is a low-severity vulnerability in Openstack Nova, classified under Information Disclosure. CVSS score: 3.5/10. Published 2016-01-12.
How severe is CVE-2015-7548?: Low severity. CVSS v3 base score is 3.5 out of 10.