IBM Security Bulletin: IBM Cloud Manager with OpenStack RabbitMQ Vulnerability (CVE-2014-9494)
|
System information
|
|
|
Affected software |
IBM |
Description
|
IBM Cloud Manager with OpenStack is vulnerable to a RabbitMQ vulnerability that allows a remote attacker to appear as a local user and bypass security restrictions by sending a specially crafted X-Forwarded-For header. CVE(s): CVE-2014-9494 Affected product(s) and affected version(s): IBM Cloud Manager with OpenStack 4.2.0 through 4.2.0.2 interim fix 3 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin:
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_cloud_manager_with_openstack_rabbitmq_vulnerability_cve_2014_9494?lang=en_us |
Standar resources
|
Property |
Value |
CVE |
CVE-2014-9494 ,CVE-2014-8910 and CVE-2015-4000. |