
CVE-2013-6419

Published: 11 December 2013

OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 contain an interaction error: they do not validate the instance ID of the tenant making a request. This allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1) api/metadata/handler.py in Nova and (2) the neutron-metadata-agent (agent/metadata/agent.py) in Neutron.

Priority

Medium

Status

Package: neutron (Launchpad, Ubuntu, Debian)

Release    Status
lucid      Does not exist
precise    Does not exist
quantal    Does not exist
raring     Does not exist
saucy      Not vulnerable (1:2013.2.2-0ubuntu1)
trusty     Not vulnerable (1:2014.1~b3-0ubuntu1)
upstream   Needed

Package: nova (Launchpad, Ubuntu, Debian)

Release    Status
lucid      Does not exist
precise    Ignored
quantal    Ignored
raring     Ignored
saucy      Not vulnerable (1:2013.2.2-0ubuntu1)
trusty     Not vulnerable (1:2014.1~b3-0ubuntu2)
upstream   Needed

Notes

Author     Note
mdeslaur   OSSA 2013-033
jdstrand   requires updating both nova and neutron. Ubuntu 13.04 and lower do not have neutron in the archive, so ignoring
           requires instance_id to be exposed to attacker
