Vulnerability Details : CVE-2016-2140
The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.
Vulnerability category: Information leak
Products affected by CVE-2016-2140
- cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-2140
0.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 49 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-2140
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.5
|
LOW | AV:N/AC:M/Au:S/C:P/I:N/A:N |
6.8
|
2.9
|
NIST | |
5.3
|
MEDIUM | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.6
|
3.6
|
NIST |
CWE ids for CVE-2016-2140
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-2140
-
http://www.openwall.com/lists/oss-security/2016/03/08/6
oss-security - Re: [OSSA 2016-007] Nova host data leak through resize/migration (CVE-2016-2140)Mailing List;Third Party Advisory
-
https://security.openstack.org/ossa/OSSA-2016-007.html
OpenStack Docs: OSSA-2016-007: Nova host data leak through resize/migrationPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/84277
OpenStack Compute (Nova) CVE-2016-2140 Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
https://bugs.launchpad.net/nova/+bug/1548450
Bug #1548450 “[OSSA 2016-007] Host data leak during resize/migra...” : Bugs : OpenStack Compute (nova)Third Party Advisory
Jump to