Ubuntu Update For Glance USN-1626-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1626-1

Solution

Please Install the Updated Packages.

Insight

Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances.

Affected

glance on Ubuntu 12.10 , Ubuntu 12.04 LTS

Severity

Classification

CVE CVE-2012-4573
CVSS Base Score: 5.5
AV:N/AC:L/Au:S/C:N/I:P/A:P

Related Vulnerabilities

Ubuntu Update for apache2 USN-1765-1
Ubuntu Update for clamav vulnerability USN-986-2
Ubuntu Update for apport USN-2007-1
Ubuntu Update for clamav USN-1179-1
Ubuntu Update for apache2 vulnerabilities USN-908-1

Ubuntu Update for glance USN-1626-1

Take action and discover your vulnerabilities