Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2012-4573 | First vendor Publication | 2012-11-11 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:S/C:N/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5.5 | Attack Range | Network |
| Cvss Impact Score | 4.9 | Attack Complexity | Low |
| Cvss Expoit Score | 8 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4573 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:18021 | |||
| Oval ID: | oval:org.mitre.oval:def:18021 | ||
| Title: | USN-1626-1 -- glance vulnerability | ||
| Description: | Glance could be made to delete arbitrary images. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1626-1 CVE-2012-4573 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 Ubuntu 12.04 | Product(s): | glance |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:18027 | |||
| Oval ID: | oval:org.mitre.oval:def:18027 | ||
| Title: | USN-1626-2 -- glance vulnerability | ||
| Description: | Glance could be made to delete arbitrary images. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1626-2 CVE-2012-4573 | Version: | 7 |
| Platform(s): | Ubuntu 12.10 | Product(s): | glance |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 | |
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-11-23 | Name : Fedora Update for openstack-glance FEDORA-2012-18085 File : nvt/gb_fedora_2012_18085_openstack-glance_fc17.nasl |
| 2012-11-15 | Name : Ubuntu Update for glance USN-1626-2 File : nvt/gb_ubuntu_USN_1626_2.nasl |
| 2012-11-09 | Name : Ubuntu Update for glance USN-1626-1 File : nvt/gb_ubuntu_USN_1626_1.nasl |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2012-11-21 | Name : The remote Fedora host is missing a security update. File : fedora_2012-18085.nasl - Type : ACT_GATHER_INFO |
| 2012-11-14 | Name : The remote Fedora host is missing a security update. File : fedora_2012-17901.nasl - Type : ACT_GATHER_INFO |
| 2012-11-12 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1626-2.nasl - Type : ACT_GATHER_INFO |
| 2012-11-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1626-1.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 22:59:06 |
|
| 2024-11-28 12:31:35 |
|
| 2021-05-04 12:21:39 |
|
| 2021-04-22 01:25:47 |
|
| 2020-05-23 00:34:42 |
|
| 2017-08-29 09:24:01 |
|
| 2016-06-28 22:03:51 |
|
| 2015-02-13 17:21:59 |
|
| 2015-02-12 00:21:58 |
|
| 2015-02-10 00:22:07 |
|
| 2014-02-17 11:13:27 |
|
| 2013-08-17 17:20:34 |
|
| 2013-05-10 22:46:26 |
|
| 2013-02-08 13:20:08 |
|
| 2013-02-02 13:23:24 |
|
| 2012-12-05 13:19:03 |
|
| 2012-11-13 13:21:24 |
|
| 2012-11-11 17:20:11 |
|
