CVE-2013-6419: Infoleak
First published: Tue Jan 07 2014(Updated: )
Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1) api/metadata/handler.py in Nova and (2) the neutron-metadata-agent (`agent/metadata/agent.py`) in Neutron.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| pip/nova | <12.0.0a0 | 12.0.0a0 |
| OpenStack Havana | <=havana-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://rhn.redhat.com/errata/RHSA-2014-0091.html
- http://rhn.redhat.com/errata/RHSA-2014-0231.html
- http://www.openwall.com/lists/oss-security/2013/12/11/8
- http://www.securityfocus.com/bid/64250
- https://bugs.launchpad.net/neutron/+bug/1235450
- https://review.openstack.org/#/c/61428/2/nova/api/metadata/handler.py
- https://review.openstack.org/#/c/61439/1/neutron/agent/metadata/agent.py
- https://nvd.nist.gov/vuln/detail/CVE-2013-6419
- https://github.com/openstack/nova/commit/07006be9165d1008ca0382b6f0ad25b13a676a55
- https://github.com/openstack/nova/commit/af2f823107010933ecd94a9c938f8b739baaecb7
- https://github.com/openstack/nova/commit/bce36e9bdb1fcb9658f7b684d160e656e88d816c
- https://github.com/advisories/GHSA-22w9-j288-8p9w (Advisory)
Frequently Asked Questions
What is the severity of CVE-2013-6419?
CVE-2013-6419 has a medium severity level due to the potential for remote tenants to access sensitive metadata.
How do I fix CVE-2013-6419?
To fix CVE-2013-6419, upgrade to OpenStack Nova version 12.0.0a0 or higher and ensure proper tenant ID validation.
Which versions of OpenStack are affected by CVE-2013-6419?
CVE-2013-6419 affects OpenStack versions prior to Havana 2013.2.1 and Icehouse-1.
What vulnerabilities does CVE-2013-6419 expose?
CVE-2013-6419 exposes sensitive tenant metadata to unauthorized remote tenants due to improper validation of instance IDs.
Is CVE-2013-6419 still a concern for current OpenStack deployments?
CVE-2013-6419 is not a concern for current OpenStack deployments using versions above Havana 2013.2.1.
- agent/type
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-22w9-j288-8p9w
- alias/CVE-2013-6419
- agent/software-canonical-lookup
- agent/severity
- agent/weakness
- agent/references
- agent/remedy
- agent/author
- agent/description
- agent/softwarecombine
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/pip
- vendor/openstack
- canonical/openstack havana
- version/openstack havana/havana-1