CVE-2013-1068
published 2014-06-19CVE-2013-1068: The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder…
medium5CVSS 3.1
AVNACLAuNCNIPAN
The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder (python-cinder) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properly set the sudo configuration, which makes it easier for attackers to gain privileges by leveraging another vulnerability.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | cinder | < cinder 2014.1.1-3 (bookworm) | cinder 2014.1.1-3 (bookworm) |
| debian | nova | < cinder 2014.1.1-3 (bookworm) | cinder 2014.1.1-3 (bookworm) |
| openstack | cinder | >= 0 < 2014.1.1-3 | 2014.1.1-3 |
| openstack | cinder | >= 0 < 2014.1.1-3 | 2014.1.1-3 |
| openstack | cinder | >= 0 < 2014.1.1-3 | 2014.1.1-3 |
| openstack | cinder | >= 0 < 2014.1.1-3 | 2014.1.1-3 |
| openstack | cinder | >= 0 < 1:2014.1-0ubuntu1.1 | 1:2014.1-0ubuntu1.1 |
| openstack | nova | >= 0 < 2014.1.1-4 | 2014.1.1-4 |
| openstack | nova | >= 0 < 2014.1.1-4 | 2014.1.1-4 |
| openstack | nova | >= 0 < 2014.1.1-4 | 2014.1.1-4 |
| openstack | nova | >= 0 < 2014.1.1-4 | 2014.1.1-4 |
| openstack | nova | >= 0 < 1:2014.1-0ubuntu1.2 | 1:2014.1-0ubuntu1.2 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
osv5.0MEDIUM