Design/Logic Flaw

2013-04-1015:55:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file.

CPENameOperatorVersion
packstackeq2012.2.3

CPE	Name	Operator	Version
	packstack	eq	2012.2.3

References

rhn.redhat.com/errata/RHSA-2013-0671.html

bugzilla.redhat.com/show_bug.cgi?id=917904

exchange.xforce.ibmcloud.com/vulnerabilities/83017