Vulnerabilities > Openstack > Compute > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-01 | CVE-2013-2255 | Improper Certificate Validation vulnerability in multiple products HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates. | 5.9 |
| 2017-08-09 | CVE-2015-2687 | Improper Access Control vulnerability in Openstack Compute OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for. | 4.7 |