CVE-2013-6470

Severity CVSS v4.0:
Pending analysis
Type:
CWE-287 Authentication Issues
Publication date:
02/06/2014
Last modified:
12/04/2025

Description

The default configuration in the standalone controller quickstack manifest in openstack-foreman-installer, as used in Red Hat Enterprise Linux OpenStack Platform 4.0, disables authentication for Qpid, which allows remote attackers to gain access by connecting to Qpid.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*