CVSS: 4.3EPSS: 1%CPEs: 6EXPL: 0CVE-2013-1838 – Nova: DoS by allocating all Fixed IPs
https://notcve.org/view.php?id=CVE-2013-1838
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to the addFixedIp function. OpenStack Compute (Nova) Grizzly, Folsom (versión 2012.2) y Essex (versión 2012.1) no implementan apropiadamente una cuota para direcciones IP fijas, lo que permite a los usuarios autenticados remotos causar una denegación de servicio (agotamiento de recursos y fallo para crear nuevas instancias) por medio de un gran número de llamadas a la función addFixedIp. • http://osvdb.org/91303 http://rhn.redhat.com/errata/RHSA-2013-0709.html http://secunia.com/advisories/52580 http://secunia.com/advisories/52728 http://ubuntu.com/usn/usn-1771-1 http://www.openwall.com/lists/oss-security/2013/03/14/18 http://www.securityfocus.com/bid/58492 https://bugs.launchpad.net/nova/+bug/1125468 https://bugzilla.redhat.com/show_bug.cgi?id=919648 https://exchange.xforce.ibmcloud.com/vulnerabilities/82877 https://lists.launchpad.net/openstack& • CWE-399: Resource Management Errors •
CVSS: 6.0EPSS: 0%CPEs: 6EXPL: 0CVE-2013-0335 – nova: VNC proxy can connect to the wrong VM
https://notcve.org/view.php?id=CVE-2013-0335
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port. OpenStack Compute (Nova) Grizzly, Folsom (v2012.2) y Essex (v2012.1) permite a usuarios remotos autenticados acceder a una máquina virtual en circunstancias oportunistas utilizando el token VNC para eliminar una máquina virtual que se dirigía al mismo puerto VNC. • http://rhn.redhat.com/errata/RHSA-2013-0709.html http://secunia.com/advisories/52337 http://secunia.com/advisories/52728 http://www.openwall.com/lists/oss-security/2013/02/26/7 http://www.osvdb.org/90657 http://www.ubuntu.com/usn/USN-1771-1 https://bugs.launchpad.net/nova/+bug/1125378 https://review.openstack.org/#/c/22086 https://review.openstack.org/#/c/22758 https://review.openstack.org/#/c/22872 https://access.redhat.com/security/cve • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 0CVE-2013-1865 – keystone: online validation of Keystone PKI tokens bypasses revocation check
https://notcve.org/view.php?id=CVE-2013-1865
OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token. OpenStack Keystone Folsom (2012.2) no lleva a cabo todas las comprobaciones de revocación de tokens Keystone PKI cuando se hace a través de un servidor, lo que permite a atacantes remotos evitar las restricciones de acceso destinados a través de un token de revocar PKI. • http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101719.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00000.html http://osvdb.org/91532 http://rhn.redhat.com/errata/RHSA-2013-0708.html http://secunia.com/advisories/52657 http://www.openwall.com/lists/oss-security/2013/03/20/13 http://www.securityfocus.com/bid/58616 http://www.ubuntu.com/usn/USN-1772-1 https://bugs.launchpad.net/keystone/+bug/1129713 https://review.openstack.org/# • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 3.5EPSS: 0%CPEs: 5EXPL: 0CVE-2013-1840 – Glance: Backend credentials leak in Glance v1 API
https://notcve.org/view.php?id=CVE-2013-1840
The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image. La API v1 en OpenStack Vistazo Essex (2012.1), Folsom (2012.2) y Grizzly, al utilizar el 'single-tenant Swift' o la tienda S3, informa el campo de ubicación, lo que permite obtener las credenciales del back-end del operador a usuarios remotos autenticados a través de una solicitud de una imagen almacenada en caché. • http://osvdb.org/91304 http://rhn.redhat.com/errata/RHSA-2013-0707.html http://secunia.com/advisories/52565 http://www.openwall.com/lists/oss-security/2013/03/14/15 http://www.securityfocus.com/bid/58490 http://www.ubuntu.com/usn/USN-1764-1 https://bugs.launchpad.net/glance/+bug/1135541 https://exchange.xforce.ibmcloud.com/vulnerabilities/82878 https://review.openstack.org/#/c/24437 https://review.openstack.org/#/c/24438 https://review.openstack.org&#x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2012-5625 – Nova: Information leak in libvirt LVM-backed instances
https://notcve.org/view.php?id=CVE-2012-5625
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV). OpenStack Compute (Nova) Folsom antes de 2012.2.2 y Grizzly, cuando utiliza instancias con respaldo libvirt y LVM, no limpia adecuadamente el contenido del volumen físico (PV) cuando se reasignan las instancias, lo que permite a los atacantes obtener información sensible mediante la lectura de la memoria de la anterior volumen lógico (LV). • http://osvdb.org/88419 http://rhn.redhat.com/errata/RHSA-2013-0208.html http://www.openwall.com/lists/oss-security/2012/12/11/5 http://www.securityfocus.com/bid/56904 http://www.ubuntu.com/usn/USN-1663-1 https://bugs.launchpad.net/nova/+bug/1070539 https://bugzilla.redhat.com/show_bug.cgi?id=884293 https://github.com/openstack/nova/commit/9d2ea970422591f8cdc394001be9a2deca499a5f https://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354 https://launchpad.net/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •