Privilege Escalation in Red Hat OpenStack Neutron
CVE-2013-6433

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
2 June 2014

Summary

The Red Hat OpenStack Neutron package, prior to version 2013.2.3-7, features a flawed default configuration that fails to properly secure the rootwrap configuration file. This oversight permits remote attackers to exploit this weakness by delivering a crafted configuration file, ultimately allowing them to escalate their privileges within the system. It is crucial for organizations using this version to apply updates and secure their configurations to mitigate the risk of unauthorized access.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.