The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 up to and including 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack cinder 2013.1.1 |
||
openstack cinder 2013.1.2 |