Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Published: 2014-10-31
Updated: 2023-02-13
Summary
OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Redhat
| advisories | |
| rpms | - openstack-nova-api-0:2014.1.4-3.el7ost
- openstack-nova-cells-0:2014.1.4-3.el7ost
- openstack-nova-cert-0:2014.1.4-3.el7ost
- openstack-nova-common-0:2014.1.4-3.el7ost
- openstack-nova-compute-0:2014.1.4-3.el7ost
- openstack-nova-conductor-0:2014.1.4-3.el7ost
- openstack-nova-console-0:2014.1.4-3.el7ost
- openstack-nova-doc-0:2014.1.4-3.el7ost
- openstack-nova-network-0:2014.1.4-3.el7ost
- openstack-nova-novncproxy-0:2014.1.4-3.el7ost
- openstack-nova-objectstore-0:2014.1.4-3.el7ost
- openstack-nova-scheduler-0:2014.1.4-3.el7ost
- openstack-nova-serialproxy-0:2014.1.4-3.el7ost
- python-nova-0:2014.1.4-3.el7ost
- openstack-nova-0:2014.1.4-3.el6ost
- openstack-nova-api-0:2014.1.4-3.el6ost
- openstack-nova-cells-0:2014.1.4-3.el6ost
- openstack-nova-cert-0:2014.1.4-3.el6ost
- openstack-nova-common-0:2014.1.4-3.el6ost
- openstack-nova-compute-0:2014.1.4-3.el6ost
- openstack-nova-conductor-0:2014.1.4-3.el6ost
- openstack-nova-console-0:2014.1.4-3.el6ost
- openstack-nova-doc-0:2014.1.4-3.el6ost
- openstack-nova-network-0:2014.1.4-3.el6ost
- openstack-nova-novncproxy-0:2014.1.4-3.el6ost
- openstack-nova-objectstore-0:2014.1.4-3.el6ost
- openstack-nova-scheduler-0:2014.1.4-3.el6ost
- openstack-nova-serialproxy-0:2014.1.4-3.el6ost
- python-nova-0:2014.1.4-3.el6ost
|