CVE Vulnerabilities

CVE-2013-7048

Published: Jan 23, 2014 | Modified: Nov 16, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.3 LOW
AV:L/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
5.8 MODERATE
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V3
Ubuntu
LOW

OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.

Affected Software

Name Vendor Start Version End Version
Nova Openstack 2013.1 (including) 2013.1.4 (including)
Nova Openstack 2013.2 (including) 2013.2.1 (including)
OpenStack 3 for RHEL 6 RedHat openstack-nova-0:2013.1.5-2.el6ost *
OpenStack 4 for RHEL 6 RedHat openstack-nova-0:2013.2.2-2.el6ost *
Nova Ubuntu raring *

References