Oval Definition:	oval:com.ubuntu.trusty:def:20136426000
Revision Date: 2013-12-14 Version: 1 Title: CVE-2013-6426 on Ubuntu 14.04 LTS (trusty) - medium. Description: The cloudformation-compatible API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 does not properly enforce policy rules, which allows local in-instance users to bypass intended access restrictions and (1) create a stack via the CreateStack method or (2) update a stack via the UpdateStack method. Family: unix Class: vulnerability Status: Reference(s): CVE-2013-6426 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND NOT While related to the CVE in some way, the 'heat' package in trusty is not affected (note: '2014.1~rc1-0ubuntu1').
BACK