Vulnerabilities > Openstack > Compute

DATE CVE VULNERABILITY TITLE RISK
2019-11-01 CVE-2013-2255 Improper Certificate Validation vulnerability in multiple products
HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.
network
high complexity
redhat openstack debian CWE-295
5.9
2017-08-09 CVE-2015-2687 Improper Access Control vulnerability in Openstack Compute
OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.
local
high complexity
openstack CWE-284
4.7