Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

openstack compute 2013.2 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2014-2573
The VMWare driver in OpenStack Compute (Nova) 2013.2 up to and including 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM be put into ...
Openstack Compute 2013.2Openstack Compute 2013.2.2Openstack Compute 2013.2.1
NA
CVE-2014-0134
The instance rescue mode in OpenStack Compute (Nova) 2013.2 prior to 2013.2.3 and Icehouse prior to 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk ...
Openstack Compute 2013.2Openstack Compute 2013.2.1Openstack Compute 2013.2.2
4.7
CVSSv3
CVE-2015-2687
OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.
Openstack Compute 2013.2.2Openstack Compute 2013.2.1Openstack Compute 2013.2Openstack Compute 2014.1.5Openstack Compute 2014.1.4Openstack Compute 2014.2.4Openstack Compute 2014.2.3Openstack Compute 2014.2.2Openstack Compute 2014.2Openstack Compute 2013.2.3Openstack Compute 2014.1.2Openstack Compute 2014.1Openstack Compute 2014.2.1Openstack Compute 2013.2.4Openstack Compute 2014.1.3Openstack Compute 2014.1.1
NA
CVE-2013-4497
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana prior to 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote malicious users to bypass intended restrictions.
Openstack Havana Havana-2Openstack Havana Havana-1Openstack HavanaOpenstack Grizzly -Openstack Folsom -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook