PT-2014-3111 · Openstack+1 · Openstack Neutron+1

Published

2014-06-02

Updated

2018-10-19

CVE-2013-6433

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions openstack-neutron versions prior to 2013.2.3-7

Description The issue is related to the default configuration of the openstack-neutron package, which does not properly set a configuration file for rootwrap. This allows remote attackers to gain privileges via a crafted configuration file.

Recommendations For versions prior to 2013.2.3-7, update to version 2013.2.3-7 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2013-6433

RHSA-2014:0516

USN-2255-1

Affected Products

Ubuntu

Openstack Neutron

PT-2014-3111 · Openstack+1 · Openstack Neutron+1

CVE-2013-6433

Weakness Enumeration

Related Identifiers

Affected Products

References · 19