CVE-2013-6419

Name of the Vulnerable Software and Affected Versions OpenStack Nova versions prior to Havana 2013.2.1 OpenStack Neutron versions prior to Havana 2013.2.1 and icehouse-1

Description The issue allows remote tenants to obtain sensitive metadata by spoofing the device ID bound to a port. This is due to a failure to validate the instance ID of the tenant making a request. The api/metadata/handler.py in Nova and the neutron-metadata-agent (agent/metadata/agent.py) in Neutron do not properly handle this situation.

Recommendations For OpenStack Nova versions prior to Havana 2013.2.1, update to Havana 2013.2.1 or later to resolve the issue. For OpenStack Neutron versions prior to Havana 2013.2.1 and icehouse-1, update to Havana 2013.2.1 or icehouse-1 or later to resolve the issue. As a temporary workaround, consider restricting access to the api/metadata/handler.py and neutron-metadata-agent (agent/metadata/agent.py) to minimize the risk of exploitation.