Vulnerability in Openstack Folsom
CVE-2013-4497
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended rest…
EPSS: 0.002 (43.5th percentile) — read the EPSS interpretation.
Affected products
- Openstack Folsom
- Openstack Grizzly
- Openstack Havana — versions havana-1, havana-2
- N/a — versions n/a
Weakness classification (CWE)
References
- [oss-security] 20131103 CVE request for a vulnerability in OpenStack Nova (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (x_refsource_CONFIRM)
- [oss-security] 20131103 Re: CVE request for a vulnerability in OpenStack Nova (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (x_refsource_CONFIRM)