CVE-2024-40767

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-552
View all →

Vulnerability Description

In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.

Related Vulnerabilities

CVE-2016-10829

MEDIUM
CVSS:6.5(Medium)

cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99).

CWE-5522016

CVE-2017-1308

MEDIUM
CVSS:6.5(Medium)

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 could allow an authenticated attacker to download files they should not have access to due to improper access controls. IBM X-Force I...

CWE-5522017

CVE-2017-6922

MEDIUM
CVSS:6.5(Medium)

In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visib...

CWE-5522017

CVE-2018-1079

MEDIUM
CVSS:6.5(Medium)

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from...

CWE-5522018

CVE-2019-13140

MEDIUM
CVSS:6.5(Medium)

Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to dec...

CWE-5522019

CVE-2019-17130

MEDIUM
CVSS:6.5(Medium)

vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories.

CWE-5522019