OpenStack Compute Nova Boot-From-Volume Vulnerability in Folsom and Essex
CVE-2013-0208
Currently unrated
Summary
The boot-from-volume feature in OpenStack Compute (Nova) versions Folsom and Essex is vulnerable, allowing remote authenticated users to boot from other users' volumes. This exploit can be executed through the manipulation of the block_device_mapping parameter, posing a significant threat to data integrity and confidentiality. As users may be unaware of unauthorized access to their volumes, it emphasizes the need for stringent security measures and prompt updates.
References
Timeline
Vulnerability published
Vulnerability Reserved