CVE-2013-6419

OpenStack Havana < 2013.2.1 - Exposure of Sensitive Metadata via Spoofed Device ID

Title source: llm

Description

Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1) api/metadata/handler.py in Nova and (2) the neutron-metadata-agent (agent/metadata/agent.py) in Neutron.

References (7)

Core 7

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2014-0091.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2014-0231.html

Various Sources x_refsource_misc

https://review.openstack.org/#/c/61428/2/nova/api/metadata/handler.py

Various Sources x_refsource_misc

https://review.openstack.org/#/c/61439/1/neutron/agent/metadata/agent.py

Issue Tracking x_refsource_confirm

https://bugs.launchpad.net/neutron/+bug/1235450

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/64250

Patch mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2013/12/11/8

Scores

EPSS 0.0056

EPSS Percentile 68.6%

Details

CWE

CWE-200

Status published

Products (2)

openstack/havana < havana-1

pypi/nova 0 - 12.0.0a0PyPI

Published Jan 07, 2014

Tracked Since Feb 18, 2026