openstack-nova is vulnerable to authorization bypass. It was found that the boot-from-volume feature in nova-volume did not correctly validate if the user attempting to boot an image was permitted to do so. An authenticated user could use this flaw to bypass intended restrictions, allowing them to boot images they would otherwise not have access to, exposing data stored in other users’ images. This issue does not affect configurations using the Cinder block storage mechanism, which is the default in Red Hat OpenStack.
osvdb.org/89661
rhn.redhat.com/errata/RHSA-2013-0208.html
secunia.com/advisories/51963
secunia.com/advisories/51992
www.openwall.com/lists/oss-security/2013/01/29/9
www.securityfocus.com/bid/57613
www.ubuntu.com/usn/USN-1709-1
access.redhat.com/security/updates/classification/#important
bugs.launchpad.net/nova/+bug/1069904
bugzilla.redhat.com/show_bug.cgi?id=856263
bugzilla.redhat.com/show_bug.cgi?id=881810
bugzilla.redhat.com/show_bug.cgi?id=887303
bugzilla.redhat.com/show_bug.cgi?id=902629
exchange.xforce.ibmcloud.com/vulnerabilities/81697
github.com/openstack/nova/commit/243d516cea9d3caa5a8267b12d2f577dcb24193b
github.com/openstack/nova/commit/317cc0af385536dee43ef2addad50a91357fc1ad
rhn.redhat.com/errata/RHSA-2013-0208.html