CVE-2022-47951

Published: Jan 26, 2023Modified: Mar 31, 2025

5.7

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Exploitability: 2.1 / Impact: 3.6

Source: NVD

Description

An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.

Affected (8)

Products: Openstack: Cinder, Glance, Nova · Debian: Debian Linux

3 products

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Openstack Cinder	Up to 19.1.2
Openstack Cinder	From 20.0.0 to 20.0.2
Openstack Glance	Before 23.0.1
Openstack Glance	From 24.0.0 to 24.1.1
Openstack Nova	Before 24.1.2
Openstack Nova	From 25.0.0 to 25.0.2

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 11.0

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (16)

https://launchpad.net/bugs/1996188

Source: cve@mitre.org

ExploitIssue TrackingPatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security.openstack.org/ossa/OSSA-2023-002.html

Source: cve@mitre.org

PatchVendor Advisory

https://www.debian.org/security/2023/dsa-5336

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2023/dsa-5337

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2023/dsa-5338

Source: cve@mitre.org

Third Party Advisory

https://launchpad.net/bugs/1996188

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingPatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/01/msg00040.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/01/msg00041.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/01/msg00042.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.openstack.org/ossa/OSSA-2023-002.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.debian.org/security/2023/dsa-5336

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.debian.org/security/2023/dsa-5337

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.debian.org/security/2023/dsa-5338

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.