CVE-2013-6470 Information

Description

The default configuration in the standalone controller quickstack manifest in openstack-foreman-installer as used in Red Hat Enterprise Linux OpenStack Platform 4.0 disables authentication for Qpid which allows remote attackers to gain access by connecting to Qpid.

Reference

http://rhn.redhat.com/errata/RHSA-2014-0517.html https://bugzilla.redhat.com/show_bug.cgi?id=1051994