Skip to main content

Diablo

2 CVEs product

Monthly

CVE-2012-3361 PyPI MEDIUM POC PATCH This Month

virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Diablo Essex Folsom
NVD GitHub
CVSS 2.0
5.5
EPSS
1.4%
CVE-2012-2654 PyPI MEDIUM POC PATCH This Month

The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Authentication Bypass Compute Diablo Essex
NVD GitHub
CVSS 2.0
4.3
EPSS
1.2%
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Diablo Essex +1
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Authentication Bypass Compute Diablo +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy