Miggo Logo

CVE-2012-3360: OpenStack Nova Directory traversal vulnerability

N/A

CVSS Score

Basic Information

EPSS Score
0.84902%
Published
5/17/2022
Updated
11/22/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
-
Package NameEcosystemVulnerable VersionsFirst Patched Version
novapip< 12.0.0a012.0.0a0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper path sanitization in the file injection mechanism. The original implementation of _inject_file_into_fs in api.py used os.path.join(fs, path.lstrip('/')) without resolving symlinks or checking for traversal. The fix introduced _join_and_check_path_within_fs to normalize paths and ensure they stay within the guest filesystem. The commit message explicitly states this addresses CVE-2012-3360, and the diff shows _inject_file_into_fs was modified to use the new safety check. Unit tests added in test_virt.py verify that paths with '..' are rejected, confirming the vulnerable function's behavior before patching.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ir**tory tr*v*rs*l vuln*r**ility in `virt/*isk/*pi.py` in Op*nSt**k *omput* (Nov*) *olsom (****.*) *n* *ss*x (****.*), w**n us** ov*r li*virt-**s** *yp*rvisors, *llows r*mot* *ut**nti**t** us*rs to writ* *r*itr*ry *il*s to t** *isk im*** vi* * .. (*

Reasoning

T** vuln*r**ility st*ms *rom improp*r p*t* s*nitiz*tion in t** *il* inj**tion m****nism. T** ori*in*l impl*m*nt*tion o* _inj**t_*il*_into_*s in *pi.py us** os.p*t*.join(*s, p*t*.lstrip('/')) wit*out r*solvin* symlinks or ****kin* *or tr*v*rs*l. T** *