CVE-2017-7200
Published: 21 March 2017
An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.
Notes
Author | Note |
---|---|
mdeslaur | no fix is available for this issue. Please see the upstream for recommended workarounds. |
Priority
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Changed |
Confidentiality | Low |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N |