Vulnerabilities > Redhat > Packstack
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-02 | CVE-2014-3703 | Permissions, Privileges, and Access Controls vulnerability in Redhat Packstack 2012.2.1 OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in is not used, does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access restrictions. | 5.0 |
2013-04-10 | CVE-2013-1815 | Credentials Management vulnerability in Redhat Openstack Essex, Openstack Folsom and Packstack PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file. | 4.4 |