VYPR
Moderate severityNVD Advisory· Published Jun 21, 2012· Updated Jun 16, 2026

CVE-2012-2654

CVE-2012-2654

Description

The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restrictions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
novaPyPI
< 12.0.0a012.0.0a0

Affected products

4

Patches

Vulnerability mechanics

References

13

News mentions

0

No linked articles in our index yet.