OpenStack Nova live snapshots use an insecure local directory
Low severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated May 14, 2024
Description
Published by the National Vulnerability Database
Jan 23, 2014
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
May 14, 2024
Last updated
May 14, 2024
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.
References