CVE-2013-0208
openstack-nova: Boot from volume allows access to random volumes
Public Exploits: 0
Exploited in Wild: -
Descriptions
The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.
The openstack-nova packages provide OpenStack Compute, a cloud computing fabric controller. The openstack-nova packages have been upgraded to upstream version 2012.2.2, which provides a number of bug fixes over the previous version. This update also fixes the following security issues: It was found that the boot-from-volume feature in nova-volume did not correctly validate if the user attempting to boot an image was permitted to do so. An authenticated user could use this flaw to bypass intended restrictions, allowing them to boot images they would otherwise not have access to, exposing data stored in other users' images. This issue did not affect configurations using the Cinder block storage mechanism, which is the default in Red Hat OpenStack.
Timeline
- 2012-12-06 CVE Reserved
- 2013-01-30 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
CWE
- CWE-264: Permissions, Privileges, and Access Controls
References (13)
URL | Tag | Source |
---|---|---|
http://osvdb.org/89661 | Vdb Entry | |
http://www.openwall.com/lists/oss-security/2013/01/29/9 | Mailing List | |
http://www.securityfocus.com/bid/57613 | Vdb Entry | |
https://bugs.launchpad.net/nova/+bug/1069904 | X_refsource_confirm | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/81697 | Vdb Entry | |
https://github.com/openstack/nova/commit/243d516cea9d3caa5a8267b12d2f577dcb24193b | X_refsource_confirm | |
https://github.com/openstack/nova/commit/317cc0af385536dee43ef2addad50a91357fc1ad | X_refsource_confirm | |

URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2013-0208.html | 2017-08-29 | |
http://secunia.com/advisories/51963 | 2017-08-29 | |
http://secunia.com/advisories/51992 | 2017-08-29 | |
http://www.ubuntu.com/usn/USN-1709-1 | 2017-08-29 | |
https://bugzilla.redhat.com/show_bug.cgi?id=902629 | 2013-01-30 | |
https://access.redhat.com/security/cve/CVE-2013-0208 | 2013-01-30 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Openstack | Essex | - | - | Affected |
Openstack | Folsom | - | - | Affected |
Canonical | Ubuntu Linux | 11.10 | - | Affected |
Canonical | Ubuntu Linux | 12.04 | lts | Affected |
Canonical | Ubuntu Linux | 12.10 | - | Affected |