Improper Sudo Configuration Vulnerability in OpenStack Nova and Cinder Packages

Improper Sudo Configuration Vulnerability in OpenStack Nova and Cinder Packages

CVE-2013-1068 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder (python-cinder) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properly set the sudo configuration, which makes it easier for attackers to gain privileges by leveraging another vulnerability.

Learn more about our Cis Benchmark Audit For Ubuntu Linux.