Medium severity4.7NVD Advisory· Published Aug 9, 2017· Updated Jun 17, 2026
CVE-2015-2687
CVE-2015-2687
Description
OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
novaPyPI | < 15.0.0.0b1 | 15.0.0.0b1 |
Affected products
17cpe:2.3:a:openstack:compute:2013.2:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:openstack:compute:2013.2:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2013.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2013.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2013.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2013.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.2:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:compute:2014.2.4:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
11- www.openwall.com/lists/oss-security/2015/03/24/10nvdMailing ListThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2015/03/25/3nvdMailing ListThird Party AdvisoryWEB
- www.securityfocus.com/bid/77505nvdThird Party AdvisoryVDB Entry
- bugs.launchpad.net/nova/+bug/1419577nvdIssue TrackingThird Party AdvisoryVDB EntryWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-97fv-22hc-mrgjghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-2687ghsaADVISORY
- review.openstack.orgnvdThird Party Advisory
- github.com/openstack/nova/commit/b83cae02ece4c338e09c3606c6ae69b715bd6f8cghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2017-145.yamlghsaWEB
- review.openstack.orgghsaWEB
News mentions
0No linked articles in our index yet.