3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.
rhn.redhat.com/errata/RHSA-2014-0231.html
www.openwall.com/lists/oss-security/2014/01/13/2
bugs.launchpad.net/nova/+bug/1227027
github.com/advisories/GHSA-grp5-h379-j75x
github.com/openstack/nova/commit/75be5abd6b3fa0f7f27fe9c805f832cd41d44a5d
github.com/openstack/nova/commit/8a34fc3d48c467aa196f65eed444ccdc7c02f19f
github.com/openstack/nova/commit/9bd7fff8c0160057643cfc37c5e2b1cd3337d6aa
nvd.nist.gov/vuln/detail/CVE-2013-7048