CVSS: 6.0EPSS: 0%CPEs: 9EXPL: 0CVE-2014-0167 – openstack-nova: RBAC policy not properly enforced in Nova EC2 API
https://notcve.org/view.php?id=CVE-2014-0167
The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, (3) destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows remote authenticated users to gain privileges via these API requests. En la implementación del grupo de seguridad Nova EC2 API en OpenStack Compute (Nova) 2013.1 anterior a 2013.2.4 y icehouse anteior icehouse-rc2 no fuerza políticas RBAC para (1) add_rules, (2) remove_rules, (3) destroy, y otros métodos no especificados en compute/api.py cuando hace uso de políticas no por defecto, lo que permite a los usuarios remotos autenticados obtener privilegios a través de estas peticiones API. It was found that RBAC policies were not enforced in certain methods of the OpenStack Compute EC2 (Amazon Elastic Compute Cloud) API. A remote attacker could use this flaw to escalate their privileges beyond the user group they were originally restricted to. Note that only certain setups using non-default RBAC rules for OpenStack Compute were affected. • http://www.openwall.com/lists/oss-security/2014/04/09/26 http://www.ubuntu.com/usn/USN-2247-1 https://launchpad.net/bugs/1290537 https://access.redhat.com/security/cve/CVE-2014-0167 https://bugzilla.redhat.com/show_bug.cgi?id=1084868 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2013-7130 – nova: Live migration can leak root disk into ephemeral storage
https://notcve.org/view.php?id=CVE-2013-7130
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. El método i_create_images_and_backing (también conocido como create_images_and_backing) en el driver libvirt en OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, cuando hace uso de un bloque de migración KVM en vivo, no crea debidamente todos los archivos esperados, lo que permite a atacantes obtener contenido de una instantánea del disco raíz de otros usuarios a través del almacenamiento efímero. • http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html http://osvdb.org/102416 http://rhn.redhat.com/errata/RHSA-2014-0231.html http://secunia.com/advisories/56450 http://www.openwall.com/lists/oss-security/2014/01/23/5 http://www.securityfocus.com/bid/65106 http://www.ubuntu.com/usn/USN-2247-1 https://bugs.launchpad.net/nova/+bug/1251590 https://exchange.xfo • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.1EPSS: 0%CPEs: 9EXPL: 0CVE-2013-2030
https://notcve.org/view.php?id=CVE-2013-2030
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora. keystone/middleware/auth_token.py en OpenStack Nova Folsom, Grizzly, y Havana, utiliza un directorio temporal inseguro para almacenar certificados de firma, lo cual permite a usuarios locales impersonar servidores mediante la creación previa de este directorio, que es reutilizado por Nova, como se muestra utilizando /tmp/keystone-signing-nova en Fedora. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html http://www.openwall.com/lists/oss-security/2013/05/09/2 https://bugs.launchpad.net/nova/+bug/1174608 https://bugzilla.redhat.com/show_bug.cgi?id=958285 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 1CVE-2013-4185 – OpenStack: Nova network source security groups denial of service
https://notcve.org/view.php?id=CVE-2013-4185
Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via a large number of server-creation operations, which triggers a large number of update requests. Vulnerabilidad de la complejidad algorítmica en OpenStack Compute (Nova) anteriores 03/01/2013 y Havana anterior a habana-3 no controla correctamente las actualizaciones de directiva de grupo de seguridad de código de red, lo que permite a usuarios remotos autenticados causar una denegación de servicio (consumo nova de la red) a través de una gran número de operaciones del servidor de creación, que desencadena un gran número de solicitudes de actualización. • http://rhn.redhat.com/errata/RHSA-2013-1199.html http://seclists.org/oss-sec/2013/q3/282 https://bugs.launchpad.net/nova/+bug/1184041 https://access.redhat.com/security/cve/CVE-2013-4185 https://bugzilla.redhat.com/show_bug.cgi?id=993331 • CWE-310: Cryptographic Issues •