Oval Definition:	oval:com.ubuntu.precise:def:20134471000
Revision Date: 2014-05-14 Version: 1 Title: CVE-2013-4471 on Ubuntu 12.04 LTS (precise) - medium. Description: The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user. Family: unix Class: vulnerability Status: Reference(s): CVE-2013-4471 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND While related to the CVE in some way, the 'horizon' package in precise is not affected.
BACK