OpenStack Compute Nova Boot-From-Volume Vulnerability in Folsom and Essex
CVE-2013-0208

Currently unrated

Key Information:

Vendor

Openstack
Status
Essex
Folsom
Vendor
CVE Published:
13 February 2013

What is CVE-2013-0208?

The boot-from-volume feature in OpenStack Compute (Nova) versions Folsom and Essex is vulnerable, allowing remote authenticated users to boot from other users' volumes. This exploit can be executed through the manipulation of the block_device_mapping parameter, posing a significant threat to data integrity and confidentiality. As users may be unaware of unauthorized access to their volumes, it emphasizes the need for stringent security measures and prompt updates.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/openstack/nova/commit/317cc0af385536de...
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2013-0208.html
vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/51992
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.