cbcvebase.
CVE-2013-6433
published 2014-06-02

CVE-2013-6433: The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows…

PriorityP340high7.6CVSS 2.0
AVNACHAuNCCICAC
EPSS
3.32%
87.1th percentile
The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.

Affected

11 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
debianneutron< neutron 2014.1-1 (bookworm)neutron 2014.1-1 (bookworm)
debianneutron
openstackneutron>= 0 < 2014.1-12014.1-1
openstackneutron>= 0 < 2014.1-12014.1-1
openstackneutron>= 0 < 2014.1-12014.1-1
openstackneutron>= 0 < 2014.1-12014.1-1
openstackneutron>= 0 < 1:2014.1-0ubuntu1.31:2014.1-0ubuntu1.3
openstackneutron2013.1 – 2013.2.3
openstackneutron2014.1 – 2014.1.2

CVSS provenance

nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
osv7.6HIGH
vendor_debian7.6LOW
vendor_redhat7.6HIGH
vendor_ubuntu7.6HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.