OpenStack Glance Server-Side Request Forgery (SSRF)

GHSA-j6mr-cm6x-h6jg · CVE-2017-7200

Published May 17, 2022 · Modified May 19, 2024

Description

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-7200
WEB https://github.com/openstack/glance/commit/b1ac90f7914d91b25144cc4063fa994fb5019ee3
WEB https://bugs.launchpad.net/ossn/+bug/1153614
WEB https://bugs.launchpad.net/ossn/+bug/1606495
PACKAGE https://github.com/openstack/glance
WEB https://wiki.openstack.org/wiki/OSSN/OSSN-0078
WEB http://www.securityfocus.com/bid/96988

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes