Data Exposure Vulnerability in OpenStack Cinder LVMVolumeDriver
CVE-2013-4183
Currently unrated
Summary
The clear_volume function in the LVMVolumeDriver of OpenStack Cinder versions 2013.1.1 and 2013.1.2 fails to adequately clear data when a snapshot is deleted. This flaw permits local users to potentially access sensitive information through unspecified methods, compromising data integrity and confidentiality. Operators of affected releases should review their snapshot management practices to mitigate risks associated with this vulnerability.
References
Timeline
Vulnerability published
Vulnerability Reserved