OpenStack Nova 2011.2 Release Candidate 1

CPE Details

OpenStack Nova 2011.2 Release Candidate 1
openstack
nova
2011.2
2019-11-01
16h30 +00:00
2019-11-01
16h30 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openstack:nova:2011.2:rc1:*:*:*:*:*:*

Informations

Vendor

openstack

Product

nova

Version

2011.2

Update

rc1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2011-4076 2019-11-26 02h53 +00:00 OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY.
5.9
Medium
CVE-2011-3147 2019-04-22 15h35 +00:00 Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.
8.6
High
CVE-2012-1585 2012-08-17 00h00 +00:00 OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
4