QwikSec

Security Database

CVE

CWE

Training

CVE-2013-1815

Published: Apr 10, 2013

Modified: Apr 30, 2026

PUBLISHED

CVSS v3.1

6.1

MEDIUM

Description

A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system modifications.

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)	All versions
Red Hat	Red Hat OpenStack Platform 4	All versions

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

Low

References

http://rhn.redhat.com/errata/RHSA-2013-0671.html

https://access.redhat.com/security/cve/CVE-2013-1815

vdb-entry

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=917904

https://exchange.xforce.ibmcloud.com/vulnerabilities/83017

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.