OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
Privilege Escalation
Glance
Ubuntu Linux
NVD
CVSS 2.0
3.5
EPSS
0.3%