Date: | January 29, 2013 |
---|---|
CVE: | CVE-2013-0212 |
Dan Prince of Red Hat discovered an issue in Glance error reporting. By creating an image in Glance by URL that references a mis-configured Swift endpoint, or if the Swift endpoint that a previously-ACTIVE image references for any reason becomes unusable, an authenticated user may access the Glance operator’s Swift credentials for that endpoint. Only setups that use the single-tenant Swift store are affected.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.