VYPR
Unrated severityNVD Advisory· Published Oct 27, 2013· Updated Jun 16, 2026

CVE-2013-4428

CVE-2013-4428

Description

OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image UUID.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • OpenStack/Glance4 versions
    cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*range: >=2012.2,<=2012.2.4
    • cpe:2.3:a:openstack:glance:2013.2:milestone1:*:*:*:*:*:*
    • cpe:2.3:a:openstack:glance:2013.2:milestone2:*:*:*:*:*:*
    • cpe:2.3:a:openstack:glance:2013.2:milestone3:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
  • Glances/Glancesllm-fuzzy
    Range: Grizzly <2013.1.4, Havana <2013.2

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.