Lucene search

[email protected]NVD:CVE-2013-1815

HistoryApr 10, 2013 - 3:55 p.m.

CVE-2013-1815

2013-04-1015:55:15

CWE-255

[email protected]

web.nvd.nist.gov

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file.

Affected configurations

NVD

Node

redhatopenstack_essexMatch-

redhatopenstack_folsomMatch-

redhatpackstackMatch2012.2.3

References

rhn.redhat.com/errata/RHSA-2013-0671.html

bugzilla.redhat.com/show_bug.cgi?id=917904

exchange.xforce.ibmcloud.com/vulnerabilities/83017

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2013-1815

prion1 cve1 cvelist1 redhat1