PT-2013-4891 · Openstack · Openstack Cinder

Rongze Zhu

Publicado

2013-09-16

Atualizado

2022-05-17

CVE-2013-4183

CVSS v4.0

6.9

Média

Vetor

AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions OpenStack Cinder versions 2013.1.1 through 2013.1.2

Description The issue concerns the clear volume function in the LVMVolumeDriver driver, which fails to properly clear data when a snapshot is deleted. This allows local users to access sensitive information through unspecified means.

Recommendations For OpenStack Cinder versions 2013.1.1 through 2013.1.2, consider updating to a version where this issue is resolved, as the provided information does not specify the exact fixed version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2013-4183

GHSA-Q3RW-WCJ6-8CJF

PYSEC-2013-35

RHSA-2013:1198

Produtos afetados

Openstack Cinder

PT-2013-4891 · Openstack · Openstack Cinder

CVE-2013-4183

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 15