OSSA-2013-033: Metadata queries from Neutron to Nova are not restricted by tenant

Date:December 11, 2013
CVE:CVE-2013-6419

Affects

  • Neutron: All supported releases
  • Nova: All supported releases

Description

Aaron Rosen from VMware reported a vulnerability in the metadata access from OpenStack Neutron to Nova. Because of a missing authorization check on port binding, by guessing an instance_id a tenant may retrieve another tenant’s metadata resulting in information disclosure. Only OpenStack setups running neutron-metadata-agent are affected.

Credits

  • Aaron Rosen from VMware (CVE-2013-6419)