CVE-2013-0335

OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:essex:2012.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:grizzly:2012.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*

Information

Published : 2013-03-22 14:55

Updated : 2013-06-04 20:40


NVD link : CVE-2013-0335

Mitre link : CVE-2013-0335


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

canonical

  • ubuntu_linux

openstack

  • grizzly
  • essex
  • folsom