Solution
Please Install the Updated Packages.
Insight
Stuart McLaren discovered an issue with Glance v1 API requests. An authenticated attacker could exploit this to expose the Glance operator's Swift and/or S3 credentials via the response headers when requesting a cached image.
Affected
glance on Ubuntu 12.10 ,
Ubuntu 12.04 LTS
Severity
Classification
-
CVE CVE-2013-1840 -
CVSS Base Score: 3.5
AV:N/AC:M/Au:S/C:P/I:N/A:N
Related Vulnerabilities