Описание
OpenStack Compute (Nova) allows remote authenticated users to obtain sensitive information
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-2256
- https://access.redhat.com/errata/RHSA-2013:1199
- https://access.redhat.com/security/cve/CVE-2013-2256
- https://bugs.launchpad.net/nova/+bug/1194093
- https://bugzilla.redhat.com/show_bug.cgi?id=993340
- http://rhn.redhat.com/errata/RHSA-2013-1199.html
- http://seclists.org/oss-sec/2013/q3/281
Пакеты
nova
< 2013.1.3
2013.1.3
EPSS
CVE ID
Связанные уязвимости
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.
OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 do ...
EPSS