Data Exposure Vulnerability in OpenStack Cinder LVMVolumeDriver
CVE-2013-4183

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
16 September 2013

Summary

The clear_volume function in the LVMVolumeDriver of OpenStack Cinder versions 2013.1.1 and 2013.1.2 fails to adequately clear data when a snapshot is deleted. This flaw permits local users to potentially access sensitive information through unspecified methods, compromising data integrity and confidentiality. Operators of affected releases should review their snapshot management practices to mitigate risks associated with this vulnerability.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.