CVE-2013-6419
Published: 11 December 2013
Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1) api/metadata/handler.py in Nova and (2) the neutron-metadata-agent (agent/metadata/agent.py) in Neutron.
Notes
| Author | Note |
|---|---|
| mdeslaur | OSSA 2013-033 |
| jdstrand | requires updating both nova and neutron. Ubuntu 13.04 and lower do not have neutron in the archive, so ignoring requires instance_id to be exposed to attacker |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
neutron Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Not vulnerable
(1:2013.2.2-0ubuntu1)
|
|
| upstream |
Needed
|
|
|
Patches: upstream: https://review.openstack.org/61442 upstream: https://review.openstack.org/61439 |
||
|
nova Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Ignored
|
|
| quantal |
Ignored
|
|
| raring |
Ignored
|
|
| saucy |
Not vulnerable
(1:2013.2.2-0ubuntu1)
|
|
| upstream |
Needed
|
|
|
Patches: upstream: https://review.openstack.org/61435 upstream: https://review.openstack.org/61428 |
||