CVE-2013-0266
on github
Published
Severity
CVSS v3:
N/A
CVSS v2:
2.1 LOW
Description
manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:openstack:essex:-:*:*:*:*:*:*:* | n/a | n/a | - |
cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:* | n/a | n/a | - |