Ubuntu Security Notice (C) 2014 Canonical, Inc. / NASL script (C) 2014 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
USN-2208-1 fixed vulnerabilities in OpenStack Cinder. This update
provides the corresponding updates for OpenStack Quantum.
JuanFra Rodriguez Cardoso discovered that OpenStack Cinder did not
enforce SSL connections when Nova was configured to use QPid and
qpid_protocol is set to 'ssl'. If a remote attacker were able to
perform a man-in-the-middle attack, this flaw could be exploited to
view sensitive information. Ubuntu does not use QPid with Nova by
Update the affected python-quantum package.
Risk factor :
Medium / CVSS Base Score : 4.3
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 73906 ()
CVE ID: CVE-2013-6491
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.