CVE-2013-0208

Published: Feb 13, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/openstack/nova/commit/317cc0af385536dee43ef2addad50a91357fc1ad

x_refsource_CONFIRM

RHSA-2013:0208

vendor-advisory

x_refsource_REDHAT

51992

third-party-advisory

x_refsource_SECUNIA

51963

third-party-advisory

x_refsource_SECUNIA

https://bugs.launchpad.net/nova/+bug/1069904

x_refsource_CONFIRM

[oss-security] 20130129 [OSSA 2013-001] Boot from volume allows access to random volumes (CVE-2013-0208)

mailing-list

x_refsource_MLIST

57613

vdb-entry

x_refsource_BID

https://github.com/openstack/nova/commit/243d516cea9d3caa5a8267b12d2f577dcb24193b

x_refsource_CONFIRM

USN-1709-1

vendor-advisory

x_refsource_UBUNTU

89661

vdb-entry

x_refsource_OSVDB

nova-volume-security-bypass(81697)

vdb-entry

x_refsource_XF

https://bugzilla.redhat.com/show_bug.cgi?id=902629

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-0208

Description

Affected Products

References