ByteOS Network

NVD Vulnerability Details :

CVE-2013-0208

Modified

Source-secalert@redhat.com

Published At-13 Feb, 2013 | 16:55

Updated At-29 Apr, 2026 | 01:13

The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 6.5

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:S/C:P/I:P/A:P

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-264	Primary	nvd@nist.gov

CWE ID: CWE-264

Type: Primary

Source: nvd@nist.gov

Evaluator Description

Per http://www.ubuntu.com/usn/USN-1709-1/ A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.10 Ubuntu 12.04 LTS Ubuntu 11.10

References

Hyperlink	Source	Resource
http://osvdb.org/89661	secalert@redhat.com	N/A
http://rhn.redhat.com/errata/RHSA-2013-0208.html	secalert@redhat.com	N/A
http://secunia.com/advisories/51963	secalert@redhat.com	Vendor Advisory
http://secunia.com/advisories/51992	secalert@redhat.com	Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/01/29/9	secalert@redhat.com	N/A
http://www.securityfocus.com/bid/57613	secalert@redhat.com	N/A
http://www.ubuntu.com/usn/USN-1709-1	secalert@redhat.com	N/A
https://bugs.launchpad.net/nova/+bug/1069904	secalert@redhat.com	N/A
https://bugzilla.redhat.com/show_bug.cgi?id=902629	secalert@redhat.com	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/81697	secalert@redhat.com	N/A
https://github.com/openstack/nova/commit/243d516cea9d3caa5a8267b12d2f577dcb24193b	secalert@redhat.com	N/A
https://github.com/openstack/nova/commit/317cc0af385536dee43ef2addad50a91357fc1ad	secalert@redhat.com	N/A
http://osvdb.org/89661	af854a3a-2127-422b-91ae-364da2661108	N/A
http://rhn.redhat.com/errata/RHSA-2013-0208.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/51963	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://secunia.com/advisories/51992	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/01/29/9	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/57613	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.ubuntu.com/usn/USN-1709-1	af854a3a-2127-422b-91ae-364da2661108	N/A
https://bugs.launchpad.net/nova/+bug/1069904	af854a3a-2127-422b-91ae-364da2661108	N/A
https://bugzilla.redhat.com/show_bug.cgi?id=902629	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/81697	af854a3a-2127-422b-91ae-364da2661108	N/A
https://github.com/openstack/nova/commit/243d516cea9d3caa5a8267b12d2f577dcb24193b	af854a3a-2127-422b-91ae-364da2661108	N/A
https://github.com/openstack/nova/commit/317cc0af385536dee43ef2addad50a91357fc1ad	af854a3a-2127-422b-91ae-364da2661108	N/A