OSSA-2013-006: VNC proxy can connect to the wrong VM
February 26, 2013
Nova: All versions
Loganathan Parthipan (HP) and Rohit Karajgi (NTT Data) independently reported a vulnerability in Nova. If a user requests a console and then deletes the VM, the console token could allow connectivity to a different VM if the VNC port is reused before the token expires. This issue can be worked around by disabling VNC support.
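The port-reuse condition described above, as an added example that is not Nova's code: a toy token store that resolves a console token by VNC port only, next to a variant that binds the token to the instance and revokes it on delete. The class names, the two-port pool, the 600-second TTL and the `bind_instance` switch are assumptions made for illustration, not the project's fix.

```python
class Hypervisor:
    """Toy compute host (constructed): freed VNC ports are reused immediately."""
    def __init__(self, ports=(5900, 5901)):
        self.free = list(ports)
        self.by_port = {}              # port -> uuid of the VM listening on it

    def boot(self, uuid):
        port = self.free.pop(0)
        self.by_port[port] = uuid
        return port

    def delete(self, uuid):
        port = next(p for p, u in self.by_port.items() if u == uuid)
        del self.by_port[port]
        self.free.insert(0, port)      # freed port is handed out next

class ConsoleAuth:
    """Toy token store. bind_instance=False models the reported behaviour."""
    def __init__(self, hypervisor, ttl=600, bind_instance=False):
        self.hv, self.ttl, self.bind = hypervisor, ttl, bind_instance
        self.tokens = {}               # token -> (port, uuid, expiry)

    def authorize(self, token, uuid, port, now):
        self.tokens[token] = (port, uuid, now + self.ttl)

    def on_instance_delete(self, uuid):
        if self.bind:                  # hardened: revoke the deleted VM's tokens
            self.tokens = {t: v for t, v in self.tokens.items() if v[1] != uuid}

    def connect(self, token, now):
        # Returns the uuid the proxy would attach to, or None if refused.
        entry = self.tokens.get(token)
        if entry is None or now >= entry[2]:
            return None
        port, uuid, _ = entry
        current = self.hv.by_port.get(port)
        if self.bind and current != uuid:
            return None                # port now belongs to another instance
        return current

def scenario(bind_instance):
    hv = Hypervisor()
    auth = ConsoleAuth(hv, bind_instance=bind_instance)
    port = hv.boot("vm-a")
    auth.authorize("tok-1", "vm-a", port, now=0)
    hv.delete("vm-a")
    auth.on_instance_delete("vm-a")
    hv.boot("vm-b")                    # takes over vm-a's old port
    return auth.connect("tok-1", now=60)
```

`scenario(False)` resolves the stale token to `vm-b`, the wrong VM; `scenario(True)` refuses the connection.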
Loganathan Parthipan from HP (CVE-2013-0335)
Rohit Karajgi from NTT Data (CVE-2013-0335)