PT-2014-3111 · Openstack+1 · Openstack Neutron+1

Publicado

2014-06-02

·

Atualizado

2018-10-19

·

CVE-2013-6433

CVSS v2.0

7.6

Alta

VetorAV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions openstack-neutron versions prior to 2013.2.3-7
Description The issue is related to the default configuration of the openstack-neutron package, which does not properly set a configuration file for rootwrap. This allows remote attackers to gain privileges via a crafted configuration file.
Recommendations For versions prior to 2013.2.3-7, update to version 2013.2.3-7 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2013-6433
RHSA-2014:0516
USN-2255-1

Produtos afetados

Ubuntu
Openstack Neutron