date: 2013-03-14

id: OSSA-2013-007

title: 'Backend credentials leak in Glance v1 API'

description: 'Stuart McLaren from HP reported a vulnerability in the information potentially
  returned to the user in Glance v1 API. If an authenticated user requests, through
  the v1 API, an image that is already cached, the headers returned may disclose the
  Glance operator''s backend credentials for that endpoint. Only setups accepting
  the Glance v1 API and using either the single-tenant Swift store or S3 store are
  affected.'

reference: http://lists.openstack.org/pipermail/openstack-announce/2013-March/000085.html

affected-products:

  - product: glance
    version: All versions

vulnerabilities:

  - cve-id: CVE-2013-1840
    impact-assessment:
      source: 'Red Hat Product Security'
      rating: moderate
      assessment:
        type: CVSS2
        score: 3.5
        detail: AV:N/AC:M/Au:S/C:P/I:N/A:N
    classification:
      source: 'Red Hat Product Security'
      type: CWE
      detail: TODO

reporters:

  - name: 'Stuart McLaren'
    affiliation: HP
    reported:
      - CVE-2013-1840

issues:

  links:
    - https://launchpad.net/bugs/1135541

  type: launchpad

reviews:

  grizzly:
    - https://review.openstack.org/#/c/24437

  folsom:
    - https://review.openstack.org/#/c/24438

  essex:
    - https://review.openstack.org/#/c/24439

  type: gerrit