OSSA-2012-017: Authentication bypass for image deletion

Date:

November 07, 2012

CVE:

CVE-2012-4573, CVE-2012-5482

Affects

• Glance: Essex, Folsom, Grizzly

Description

Gabe Westmaas from Rackspace reported a vulnerability in Glance authentication of image deletion requests. Authenticated users may be able to delete arbitrary, non-protected images from Glance servers. Only Folsom/Grizzly deployments that expose the v1 API are affected by this vulnerability. Additionally, Essex deployments that use the delayed_delete option are also affected.

Patches

• https://review.openstack.org/#/c/15562 (Essex)

• https://review.openstack.org/#/c/15563 (Folsom)

• https://review.openstack.org/#/c/15658 (Grizzly)

• https://review.openstack.org/#/c/15659 (Grizzly)

• https://review.openstack.org/#/c/15564 (Grizzly)

Credits

• Gabe Westmaas from Rackspace (CVE-2012-4573, CVE-2012-5482)

References

• https://launchpad.net/bugs/1065187

• https://launchpad.net/bugs/1076506

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4573

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5482