VYPR
Moderate severityNVD Advisory· Published Nov 5, 2013· Updated Jun 16, 2026

CVE-2013-4497

CVE-2013-4497

Description

The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
novaPyPI
< 12.0.0a012.0.0a0

Affected products

6
  • cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*
  • OpenStack/Havana3 versions
    cpe:2.3:a:openstack:havana:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:openstack:havana:*:*:*:*:*:*:*:*range: <=havana-3
    • cpe:2.3:a:openstack:havana:havana-1:*:*:*:*:*:*:*
    • cpe:2.3:a:openstack:havana:havana-2:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 12.0.0a0

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.