← back
CVE-2013-4497

CVE-2013-4497

EPSS 1.8%
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.launchpad.net/nova/+bug/1073306https://bugs.launchpad.net/nova/+bug/1202266http://www.openwall.com/lists/oss-security/2013/11/03/2http://www.openwall.com/lists/oss-security/2013/11/03/3