CVE-2013-0335

Currently unrated

Key Information:

Vendor: Openstack
Status: Essex; Folsom; Grizzly
Vendor: CVE Published:; 22 March 2013

Summary

OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port.

References

http://www.osvdb.org/90657

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/52728

third-party-advisoryx_refsource_SECUNIA

https://bugs.launchpad.net/nova/+bug/1125378

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 22, 2013
Vulnerability Reserved
Dec 6, 2012