CVE-2013-6419
Published: 11 December 2013
Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1) api/metadata/handler.py in Nova and (2) the neutron-metadata-agent (agent/metadata/agent.py) in Neutron.
Notes
Author | Note |
---|---|
mdeslaur | OSSA 2013-033 |
jdstrand | requires updating both nova and neutron. Ubuntu 13.04 and lower do not have neutron in the archive, so ignoring. Requires instance_id to be exposed to attacker. |
Priority
Status
Package | Release | Status |
---|---|---|
neutron | lucid | Does not exist |
neutron | precise | Does not exist |
neutron | quantal | Does not exist |
neutron | raring | Does not exist |
neutron | saucy | Not vulnerable (1:2013.2.2-0ubuntu1) |
neutron | upstream | Needed |
nova | lucid | Does not exist |
nova | precise | Ignored |
nova | quantal | Ignored |
nova | raring | Ignored |
nova | saucy | Not vulnerable (1:2013.2.2-0ubuntu1) |
nova | upstream | Needed |

Patches (neutron): upstream: https://review.openstack.org/61442, upstream: https://review.openstack.org/61439
Patches (nova): upstream: https://review.openstack.org/61435, upstream: https://review.openstack.org/61428