CVE-2013-6480
published 2014-01-07CVE-2013-6480: Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information…
low2.1CVSS 3.1
AVLACLAuNCPINAN
EXPLOIT
Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | libcloud | — | — |
| apache | libcloud | — | — |
| apache | libcloud | — | — |
| apache | libcloud | — | — |
| apache | libcloud | — | — |
| debian | libcloud | — | — |