Thursday, August 31, 2017

IBM Security Bulletin: IBM PowerVC is impacted by OpenStack Glance server-side request forgery (CVE-2017-7200)

IBM PowerVC may disclose some sensitive information while creating images with ‘copy_from’ feature in the v1 Image Service API.

CVE(s): CVE-2017-7200

Affected product(s) and affected version(s):

PowerVC Standard Edition 1.3.1.x
PowerVC Standard Edition 1.3.2.x

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2gs4Ish
X-Force Database: http://ift.tt/2eHk4oY

The post IBM Security Bulletin: IBM PowerVC is impacted by OpenStack Glance server-side request forgery (CVE-2017-7200) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2gt1sNa

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.