OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2015-10-29T20:00:00

Updated: 2024-08-06T07:58:59.895Z

Reserved: 2015-10-06T00:00:00

Link: CVE-2015-7713

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2015-10-29T20:59:09.807

Modified: 2024-11-21T02:37:16.690

Link: CVE-2015-7713

cve-icon Redhat

Severity : Moderate

Publid Date: 2015-10-05T00:00:00Z

Links: CVE-2015-7713 - Bugzilla