CVE-2013-1815

Medium

A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is…

redhat·CWE-379·Published 2013-04-10

CVSS

6.1

EPSS

0.00

KEV

Exploits

cve.orgen

290 chars

A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system modifications.

NVDen

290 chars

NVDes

265 chars

PackStack 03/02/2012 en Red Hat OpenStack Essex y Folsom se puede crear el archivo de respuesta en los directorios inseguros como /tmp o en el directorio de trabajo actual, que permite a usuarios locales modificar los sistemas desplegados cambiando de este archivo.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	cve.org	6.1	—	—	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L