CVE-2013-6419Sensitive Information Exposure in Nova

CWE-200Sensitive Information Exposure8 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
0.6%
top 31.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Openstack NeutronOpenstack NovaOpenstack Havana
Timeline
PublishedJan 7
Latest updateMay 17

Description

Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1) api/metadata/handler.py in Nova and (2) the neutron-metadata-agent (agent/metadata/agent.py) in Neutron.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

Debianopenstack/neutron< 2013.2.1-1+3
PyPIopenstack/nova< 12.0.0a0
Debianopenstack/nova< 2013.2.1-1+3
NVDopenstack/havanahavana-1

Patches

Patch: www.openwall.comPatch: www.openwall.com

🔴Vulnerability Details

4
OSV
OpenStack Nova Router metadata queries are not restricted by tenant2022-05-17
GHSA
OpenStack Nova Router metadata queries are not restricted by tenant2022-05-17
CVEList
CVE-2013-6419: Interaction error in OpenStack Nova and Neutron before Havana 20132014-01-07
OSV
CVE-2013-6419: Interaction error in OpenStack Nova and Neutron before Havana 20132014-01-07

📋Vendor Advisories

2
Red Hat
Nova: Metadata queries from Neutron to Nova are not restricted by tenant2013-12-11
Debian
CVE-2013-6419: neutron - Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and iceho...2013

💬Community

1
Bugzilla
CVE-2013-6419 OpenStack Neutron and Nova: Metadata queries from Neutron to Nova are not restricted by tenant2013-12-06
CVE-2013-6419 — Sensitive Information Exposure in Nova | cvebase