The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image.
Max CVSS
3.5
EPSS Score
0.14%
Published
2014-05-08
Updated
2014-06-21
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.
Max CVSS
7.1
EPSS Score
0.76%
Published
2014-02-06
Updated
2017-08-29
2 vulnerabilities found