Medium
CVSS 4.9
Overview
Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter.
CVE-2012-0030
Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 4.9 (MEDIUM)
- Detected tags: none (tag impact: LOW)
Recommended actions:
- Prioritize remediation based on business criticality and exposure.
- Limit exposure and increase monitoring until fixed.