CVE-2013-7048
published 2014-01-23CVE-2013-7048: OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to…
low3.3CVSS 3.1
AVLACMAuNCPIPAN
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nova | < nova 2013.2.2 (bookworm) | nova 2013.2.2 (bookworm) |
| openstack | nova | >= 0 < 2013.2.2 | 2013.2.2 |
| openstack | nova | >= 0 < 2013.2.2 | 2013.2.2 |
| openstack | nova | >= 0 < 2013.2.2 | 2013.2.2 |
| openstack | nova | >= 0 < 2013.2.2 | 2013.2.2 |
| openstack | nova | >= 0 < 12.0.0a0 | 12.0.0a0 |
| openstack | nova | 2013.1 – 2013.1.4 | — |
| openstack | nova | 2013.2 – 2013.2.1 | — |
CVSS provenance
nvd3.3LOWAV:L/AC:M/Au:N/C:P/I:P/A:N
osv3.3LOW