Lucene search
Veracode Vulnerability DatabaseVERACODE:11190HistoryJan 15, 2019 - 8:58 a.m.
Information Disclosure
2019-01-1508:58:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
openstack-cinder is vulnerable to information disclosure attacks. The vulnerability exists as the clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.
References
Related
prion
prion
Design/Logic Flaw
2013-09-16 19:14:00
cvelist
cvelist
CVE-2013-4183
2013-09-16 19:00:00
ubuntucve
ubuntucve
CVE-2013-4183
2013-08-07 00:00:00
cve
cve
CVE-2013-4183
2013-09-16 19:14:00
debiancve
debiancve
CVE-2013-4183
2013-09-16 19:14:00
seebug
seebug
OpenStack Cinder 俥ćŻćłćźćźć´(CVE-2013-4183)
2013-08-27 00:00:00
github
github
OpenStack Cinder LVMVolumeDriver does not zero deleted snapshots
2022-05-17 04:58:58
nessus
nessus
RHEL 6 : openstack-cinder (RHSA-2013:1198)
2024-04-21 00:00:00
Ubuntu 13.04 : cinder vulnerabilities (USN-2005-1)
2013-10-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2005-1)
2013-10-29 00:00:00
Ubuntu Update for cinder USN-2005-1
2013-10-29 00:00:00
ubuntu
ubuntu
Cinder vulnerabilities
2013-10-23 00:00:00
securityvulns
securityvulns
[USN-2005-1] Cinder vulnerabilities
2013-10-28 00:00:00
OpenStack multiple security vulnerabilities
2013-12-23 00:00:00
redhat
redhat
(RHSA-2013:1198) Moderate: openstack-cinder security update
2013-09-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:48:39
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
Related for VERACODE:11190