3.3

CVE-2013-7048

Exploit
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenstackNova Version >= 2013.1 <= 2013.1.4
OpenstackNova Version >= 2013.2 <= 2013.2.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.48% 0.373
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.3 3.4 4.9
AV:L/AC:M/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2014-0231.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/01/13/2
Third Party Advisory
Mailing List
https://bugs.launchpad.net/nova/+bug/1227027
Patch
Third Party Advisory
Exploit