ID | CVE-2013-2030 | ||||||
Sažetak | keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora. | ||||||
Reference |
|
||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:L/AC:L/Au:N/C:N/I:P/A:N | ||||||
Zadnje važnije ažuriranje | 05-05-2014 - 05:21 | ||||||
Objavljeno | 27-12-2013 - 01:55 |