Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:openstack:havana:havana-3:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-2030 |
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora. Published: December 26, 2013; 8:55:05 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW |
CVE-2013-4497 |
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions. Published: November 05, 2013; 3:55:29 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.4 MEDIUM |