CVE-2013-6433

Published: Jun 2, 2014Modified: May 6, 2026

7.6

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability: 4.9 / Impact: 10.0

Source: NVD

Description

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.

Affected (3)

Products: Openstack: Neutron · Canonical: Ubuntu Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Openstack Neutron	From 2013.1 to 2013.2.3

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 13.10
Canonical Ubuntu Linux	Version 14.04

Related CWEs

CWE-264

References (8)

http://rhn.redhat.com/errata/RHSA-2014-0516.html

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/59533

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2255-1

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1039812

Source: secalert@redhat.com

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2014-0516.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://secunia.com/advisories/59533

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.ubuntu.com/usn/USN-2255-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1039812

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.