Cyberang3L

**Name of the Vulnerable Software and Affected Versions** OpenStack Compute (Nova) versions Folsom through Havana before 2013.2 **Description** The issue concerns the XenAPI backend in OpenStack Compute, where security groups are not properly applied in certain situations, allowing remote attackers to bypass intended restrictions. This occurs when resizing an image or during live migration. **Recommendations** For OpenStack Compute (Nova) versions Folsom through Havana before 2013.2, update to version 2013.2 or later to resolve the issue.