Home/CVE/Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImag
CVE

CVE-2011-4596

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImag

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.

MEDIUM · CVSS 6 EPSS 0.00541
Monitor
  • No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence
Sigma rules0 YARA rules0

Weakness Classification

CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected Products & Versions

1
openstack nova>= 2011.3 and < 2011.3.1

Affected Packages

1
Language-ecosystem packages (from OSV) tied to this CVE, with the version that fixes it - the dependency-level detail NVD doesn’t carry.
PyPI nova MODERATE fixed in 12.0.0a0

Scoring & Timeline

6
MEDIUM · CVSS v2 (legacy) · secalert@redhat.com
View on NVD
This CVE predates CVSS v3; the legacy v2 score is shown so triage still has a severity to work with.
v2 Vector
AV:N/AC:M/Au:S/C:P/I:P/A:P
Published to NVD23 Dec 2011 · 10:55 PM

Vendor Advisories

1
usnUSN-1305-1
🔗

References & Sources

5
Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.
https://bugs.launchpad.net/nova/+bug/885167Third Party Advisory
https://bugs.launchpad.net/nova/+bug/894755Third Party Advisory
https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6Third Party Advisory
https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667eThird Party Advisory
https://lists.launchpad.net/openstack/msg06105.htmlThird Party Advisory
Intelligence Graph · click any node to traverse
CVETechnique ActorTool Family
drag to reposition · click any node to traverse · button top-right enlarges
External lookups - second-class, for what we don’t hold ourselves
NVDCVE.orgCISAVulnersExploit-DBGitHub PoCVulnCheck KEVGreyNoise
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin