CVE Vulnerabilities

CVE-2013-0208

Published: Feb 13, 2013 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
6.5 IMPORTANT
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V3
Ubuntu

The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.

Affected Software

Name Vendor Start Version End Version
Essex Openstack - -
Folsom Openstack - -
OpenStack Folsom for RHEL 6 RedHat openstack-nova-0:2012.2.2-8.el6ost *
Nova Ubuntu devel *
Nova Ubuntu oneiric *
Nova Ubuntu precise *
Nova Ubuntu quantal *

References