{"id":"PYSEC-2017-145","details":"OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.","aliases":["CVE-2015-2687","GHSA-97fv-22hc-mrgj"],"modified":"2024-11-25T22:42:04.726357Z","published":"2017-08-09T18:29:00Z","references":[{"type":"WEB","url":"https://review.openstack.org/#/c/338929/"},{"type":"ADVISORY","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1205313"},{"type":"ADVISORY","url":"https://bugs.launchpad.net/nova/+bug/1419577"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/77505"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2015/03/25/3"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2015/03/24/10"}],"affected":[{"package":{"name":"nova","ecosystem":"PyPI","purl":"pkg:pypi/nova"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"15.0.0.0b1"}]}],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/nova/PYSEC-2017-145.yaml"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}