Vulnerabilities > CVE-2013-1815 - Credentials Management vulnerability in Redhat Openstack Essex, Openstack Folsom and Packstack
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Common Weakness Enumeration (CWE)
Redhat
advisories |
| ||||
rpms | openstack-packstack-0:2012.2.3-0.1.dev454.el6ost |