Folsom Security Vulnerabilities and Issues — Folsom CVE List

Lucene search

OpenstackFolsom

4 matches found

CVE•added 2013/03/22 9:55 p.m.•74 views

CVE-2013-0335

OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port.

6CVSS6.4AI score0.01036EPSS

CVE•added 2013/02/13 4:55 p.m.•61 views

CVE-2013-0208

The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.

6.5CVSS6AI score0.01145EPSS

CVE•added 2013/03/22 9:55 p.m.•59 views

CVE-2013-1865

OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.

6.8CVSS6.5AI score0.01162EPSS

CVE•added 2013/11/05 8:55 p.m.•56 views

CVE-2013-4497

The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions.

6.4CVSS6.6AI score0.00094EPSS