2 matches found
CVE-2014-0167
The CVE-2014-0167 entry documents a privilege-escalation flaw in OpenStack Nova (EC2 API security group) where the Nova compute API did not enforce RBAC policies for add_rules, remove_rules, destroy, and other methods when non-default policies were in use. Affected releases include OpenStack Comp...
CVE-2013-7130
CVE-2013-7130 affects the OpenStack OpenStack Compute (Nova) libvirt driver when performing KVM live block migration. The i_create_images_and_backing path does not create all expected files, which could let an authenticated attacker obtain the snapshot root disk contents of other users via epheme...