Redhat: >> Packstack Security Vulnerabilities
OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in is not used, does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access restrictions.
CVSS Score
5.0
EPSS Score
0.002
Published
2014-12-02
PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file.
CVSS Score
4.4
EPSS Score
0.001
Published
2013-04-10