{"id":"CVE-2023-2088","details":"A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality.","modified":"2025-08-09T19:01:27Z","published":"2023-05-12T21:15:09Z","references":[{"type":"REPORT","url":"https://bugs.launchpad.net/bugs/2004555"},{"type":"WEB","url":"https://security.openstack.org/ossa/OSSA-2023-003.html"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}