CVE-2012-4573
published 2012-11-11CVE-2012-4573: The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an…
medium5.5CVSS 3.1
AVNACLAuSCNIPAP
The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | glance | < glance 2012.1.1-3 (bookworm) | glance 2012.1.1-3 (bookworm) |
| debian | glance | < glance 2012.1.1-2 (bookworm) | glance 2012.1.1-2 (bookworm) |
| glance_project | glance | < b591304b8980d8aca8fa6cda9ea1621aca000c88 | b591304b8980d8aca8fa6cda9ea1621aca000c88 |
| glance_project | glance | >= 0 < 2012.1.1-3 | 2012.1.1-3 |
| glance_project | glance | >= 0 < 2012.1.1-2 | 2012.1.1-2 |
| glance_project | glance | >= 0 < 2012.1.1-3 | 2012.1.1-3 |
| glance_project | glance | >= 0 < 2012.1.1-2 | 2012.1.1-2 |
| glance_project | glance | >= 0 < 2012.1.1-3 | 2012.1.1-3 |
| glance_project | glance | >= 0 < 2012.1.1-2 | 2012.1.1-2 |
| glance_project | glance | >= 0 < 2012.1.1-3 | 2012.1.1-3 |
| glance_project | glance | >= 0 < 2012.1.1-2 | 2012.1.1-2 |
| glance_project | glance | >= 0 < 11.0.0a0 | 11.0.0a0 |
| glance_project | glance | >= 0 < fc0ee7623ec59c87ac6fc671e95a9798d6f2e2c3 | fc0ee7623ec59c87ac6fc671e95a9798d6f2e2c3 |
| openstack | essex | — | — |
| openstack | folsom | — | — |
CVSS provenance
nvd5.5MEDIUMAV:N/AC:L/Au:S/C:N/I:P/A:P
ghsa5.5MEDIUM
osv5.5MEDIUM