3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
5.1%
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier
uses world-writable and world-readable permissions for the temporary
directory used to store live snapshots, which allows local users to read
and modify live snapshots.
Author | Note |
---|---|
mdeslaur | OSSA 2014-001 |
jdstrand | affected code introduced in grizzly (Ubuntu 13.04) requires shell access on the compute node |