CVE-2013-4497

The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.openwall.com/lists/oss-security/2013/11/03/3
https://bugs.launchpad.net/nova/+bug/1202266
https://bugs.launchpad.net/nova/+bug/1073306
http://www.openwall.com/lists/oss-security/2013/11/03/2

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:openstack:havana:havana-2:::::::*
	cpe:2.3:a:openstack:havana:havana-1:::::::*
	cpe:2.3:a:openstack:havana::::::::

Configuration 2 (hide)

cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*

Information

Published : 2013-11-05 12:55

Updated : 2013-11-06 17:11

NVD link : CVE-2013-4497

Mitre link : CVE-2013-4497

JSON object : View

CWE

CWE-264

Permissions, Privileges, and Access Controls

Products Affected

openstack

grizzly
folsom
havana

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.openwall.com/lists/oss-security/2013/11/03/3", "name": "[oss-security] 20131103 Re: CVE request for a vulnerability in OpenStack Nova", "tags": [], "refsource": "MLIST"}, {"url": "https://bugs.launchpad.net/nova/+bug/1202266", "name": "https://bugs.launchpad.net/nova/+bug/1202266", "tags": [], "refsource": "CONFIRM"}, {"url": "https://bugs.launchpad.net/nova/+bug/1073306", "name": "https://bugs.launchpad.net/nova/+bug/1073306", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2013/11/03/2", "name": "[oss-security] 20131103 CVE request for a vulnerability in OpenStack Nova", "tags": [], "refsource": "MLIST"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-4497", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2013-11-05T20:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openstack:havana:havana-2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openstack:havana:havana-1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openstack:havana:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "havana-3"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2013-11-07T01:11Z"}

6.4 /10