Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1626-1
Solution
Please Install the Updated Packages.
Insight
Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances.
Affected
glance on Ubuntu 12.10 ,
Ubuntu 12.04 LTS
Severity
Classification
-
CVE CVE-2012-4573 -
CVSS Base Score: 5.5
AV:N/AC:L/Au:S/C:N/I:P/A:P
Related Vulnerabilities