Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2012-3360
Modified
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-22 Jul, 2012 | 16:55
Updated At-29 Apr, 2026 | 01:13

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot) in the path attribute of a file element.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.5MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:P
Type: Primary
Version: 2.0
Base score: 5.5
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:P/A:P
CPE Matches
OpenStack
openstack
>>essex>>2012.1
cpe:2.3:a:openstack:essex:2012.1:*:*:*:*:*:*:*
OpenStack
openstack
>>folsom>>2012.2
cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Primarynvd@nist.gov
CWE ID: CWE-22
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/49763secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/49802secalert@redhat.com
Vendor Advisory
http://www.securityfocus.com/bid/54277secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-1497-1secalert@redhat.com
N/A
https://bugs.launchpad.net/nova/+bug/1015531secalert@redhat.com
N/A
https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7secalert@redhat.com
N/A
https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9secalert@redhat.com
Exploit
Patch
https://lists.launchpad.net/openstack/msg14089.htmlsecalert@redhat.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/49763af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/49802af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/54277af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-1497-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugs.launchpad.net/nova/+bug/1015531af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
https://lists.launchpad.net/openstack/msg14089.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/49763
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/49802
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/54277
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1497-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugs.launchpad.net/nova/+bug/1015531
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9
Source: secalert@redhat.com
Resource:
Exploit
Patch
Hyperlink: https://lists.launchpad.net/openstack/msg14089.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/49763
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/49802
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/54277
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1497-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugs.launchpad.net/nova/+bug/1015531
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: https://lists.launchpad.net/openstack/msg14089.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found