CVE-2013-4497

EPSS 0.11%
Published 05.11.2013 20:55:29
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Openstack ≫ Havana Version <= havana-3

Openstack ≫ Havana Versionhavana-1

Openstack ≫ Havana Versionhavana-2

Openstack ≫ Grizzly Version-

Openstack ≫ Folsom Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.293

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

http://www.openwall.com/lists/oss-security/2013/11/03/2

http://www.openwall.com/lists/oss-security/2013/11/03/3

https://bugs.launchpad.net/nova/+bug/1073306

https://bugs.launchpad.net/nova/+bug/1202266

https://nvd.nist.gov/vuln/detail/CVE-2013-4497

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-4497

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-4497

EUVD