Critical OpenStack Arbitrary File Access Flaw Exposes Cloud Data to Hackers | allinfosecnews.com

July 4, 2024, 11:23 a.m. | Guru Baran

Cyber Security News cybersecuritynews.com

A critical security vulnerability has been identified in OpenStack, a widely used open-source cloud computing platform. The flaw tracked as CVE-2024-32498, allows authenticated attackers to gain unauthorized access to arbitrary files on the host system, potentially exposing sensitive data. The vulnerability stems from improper input validation in OpenStack’s QCOW2 and VMDK image file handling. The […]

The post Critical OpenStack Arbitrary File Access Flaw Exposes Cloud Data to Hackers appeared first on Cyber Security News.

access arbitrary files attackers cloud cloud computing cloud data computing critical cve cve-2024 cyber security data exposing file files flaw hackers host input input validation platform security security vulnerability sensitive sensitive data system unauthorized unauthorized access validation vulnerability

More from cybersecuritynews.com / Cyber Security News

Japan Sets New Internet Speed Record of 402 Tb/s Via Optical Fiber 8 hours ago | cybersecuritynews.com

capabilities cyber security data fiber +13

PoC Exploit Released for HTTP File Server Remote Code Execution Vulnerability 1 day, 9 hours ago | cybersecuritynews.com

code code execution commands concept +24

Hackers Weaponizing ScreenConnect Remote Access Client to Deliver AsyncRAT 2 days ago | cybersecuritynews.com

access asyncrat campaign client +19

Teamviewer Discloses Investigation Update Following Cyber Attack 2 days, 1 hour ago | cybersecuritynews.com

attack breach connectivity corporate +22

Team ARXU Hackers Aggressively Attacking Schools And Bank Servers 2 days, 1 hour ago | cybersecuritynews.com

bank banks can cyber-attack +29

Hackers Using ProxyLogon & ProxyShell To Attack Microsoft Exchange Servers 2 days, 2 hours ago | cybersecuritynews.com

attack can communication cyber-attack +19

Logsign Unified SecOps RCE Vulnerabilities Let Attackers Gain Control of the System 2 days, 6 hours ago | cybersecuritynews.com

attackers can code code execution +24

Beware of Open-Source Neptune Stealer Delivered Via GitHub 2 days, 6 hours ago | cybersecuritynews.com

analysts code cyber security cybersecurity +20

New SnailLoad Side-Channel Attack Let Hackers Monitor Your Web Activity 2 days, 10 hours ago | cybersecuritynews.com

attack attacks can channel +25

Technology Risk & Controls Manager

@ LegalAndGeneral | London, United Kingdom

View on infosec-jobs.com

Solutions Architect - Prisma Cloud

@ Palo Alto Networks | Munich, Germany

View on infosec-jobs.com

Security Operations Engineer

@ Cognite | Oslo

View on infosec-jobs.com

Ingénieur Cybersécurité PKI

@ Alter Solutions | PARIS, France

View on infosec-jobs.com

Cyber Security Project Engineer

@ Dezign Concepts LLC | Chantilly, VA

View on infosec-jobs.com

Cloud Cybersecurity Incident Response Lead

@ Maveris | Martinsburg, West Virginia, United States

View on infosec-jobs.com