CVSS: 9.1EPSS: 2%CPEs: 8EXPL: 0CVE-2013-7130 – nova: Live migration can leak root disk into ephemeral storage
https://notcve.org/view.php?id=CVE-2013-7130
06 Feb 2014 — The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. El método i_create_images_and_backing (también conocido como create_images_and_backing) en el driver libvirt en OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, cuando hace uso... • http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4463 – Nova: Compressed disk image DoS
https://notcve.org/view.php?id=CVE-2013-4463
31 Jan 2014 — OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096. OpenStack Compute (Nova) Folsom, Grizzly y Havana no verifican debidamente el tamaño virtual de una imagen QCOW2, lo que permite a usuarios locales causar un denegación de servicio (consumo de disco del sistema de a... • http://rhn.redhat.com/errata/RHSA-2014-0112.html • CWE-399: Resource Management Errors •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6419 – Nova: Metadata queries from Neutron to Nova are not restricted by tenant
https://notcve.org/view.php?id=CVE-2013-6419
07 Jan 2014 — Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1) api/metadata/handler.py in Nova and (2) the neutron-metadata-agent (agent/metadata/agent.py) in Neutron. Error de interacción en OpenStack Nova y Neutron anteriores a Havana 2013.2.1 e icehouse-1 no valida el ID de ... • http://rhn.redhat.com/errata/RHSA-2014-0091.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2013-2030
https://notcve.org/view.php?id=CVE-2013-2030
27 Dec 2013 — keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora. keystone/middleware/auth_token.py en OpenStack Nova Folsom, Grizzly, y Havana, utiliza un directorio temporal inseguro para almacenar certificados de firma, lo cual permite a usuarios locales impersonar... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2013-4497 – openstack-nova: XenAPI security groups not kept through migrate or resize
https://notcve.org/view.php?id=CVE-2013-4497
05 Nov 2013 — The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions. El backend XenAPI en OpenStack Compute (Nova) Folsom, Grizzly, y Habana anterior a 2013.2 no se aplica correctamente los grupos de seguridad (1) al cambiar el tamaño de una imagen o (2) durante la migración en tiempo real, lo que permite a atacantes remotos evita... • http://www.openwall.com/lists/oss-security/2013/11/03/2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 1CVE-2013-4477 – openstack-keystone: unintentional role granting with Keystone LDAP backend
https://notcve.org/view.php?id=CVE-2013-4477
02 Nov 2013 — The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to gain privileges. El backend LDAP en OpenStack Identity (Keystone) Grizzly y Habana, cuando al retirar un rol de un inquilino para un usuario que no tiene esa función, añade el role al usuario, lo que permite a usuarios locales conseguir privilegios. The openstack-keystone packages provide keystone, a Python imple... • http://rhn.redhat.com/errata/RHSA-2014-0113.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2013-4469 – Ubuntu Security Notice USN-2247-1
https://notcve.org/view.php?id=CVE-2013-4469
02 Nov 2013 — OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096. OpenStack Compute (Nova) Folsom, Grizzly, y Habana, cuando use_cow_images se establece como False, no verif... • http://www.openwall.com/lists/oss-security/2013/10/31/3 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2013-4179 – OpenStack: Nova XML entities DoS
https://notcve.org/view.php?id=CVE-2013-4179
04 Sep 2013 — The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664. La extensión de grupos de seguridad en OpenStack Compute (Nova) Grizzly 2013.1.3, Havana anteriores a havana-3, y anteriores, permite a atacantes remotos causar una denegación de servicio (consumo de recursos ... • http://rhn.redhat.com/errata/RHSA-2013-1199.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 6.5EPSS: 0%CPEs: 35EXPL: 0CVE-2013-4155 – OpenStack: Swift Denial of Service using superfluous object tombstones
https://notcve.org/view.php?id=CVE-2013-4155
12 Aug 2013 — OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected. OpenStack Swift nateior a 1.9.1 en Folsom, Grizzly, y Havana, permite a usuarios autenticados provocar una denegación de servicio (consumo superfluo de tombstone y desaceleración del clúster Swift) a través de una petición DELETE con un timestamp que es más antigu... • http://rhn.redhat.com/errata/RHSA-2013-1197.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2013-2096
https://notcve.org/view.php?id=CVE-2013-2096
09 Jul 2013 — OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data. Folsom, Grizzly y Havana de OpenStack Compute (Nova), no comprueba el tamaño virtual de una imagen QCOW2, lo que permite a los usuarios locales causar una denegación de servicio (consumo de disco del sistema de archivos host)... • http://lists.openstack.org/pipermail/openstack-announce/2013-May/000102.html • CWE-399: Resource Management Errors •