CVE-2013-1815

Published: Apr 10, 2013Modified: Apr 30, 2026

6.1

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

Exploitability: 1.8 / Impact: 4.2

Source: secalert@redhat.com

Description

A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system modifications.

Affected (3)

Products: Redhat: Openstack Essex, Openstack Folsom, Packstack

3 products

Openstack Essex

Openstack Folsom

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Redhat Openstack Essex	All versions
Redhat Openstack Folsom	All versions
Redhat Packstack	Version 2012.2.3

Related CWEs

Creation of Temporary File in Directory with Insecure Permissions

The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.

References (7)

http://rhn.redhat.com/errata/RHSA-2013-0671.html

Source: secalert@redhat.com

Vendor Advisory

https://access.redhat.com/security/cve/CVE-2013-1815

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=917904

Source: secalert@redhat.com

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/83017

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2013-0671.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=917904

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/83017

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.