Vulnerabilities > Openstack > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-04-15 | CVE-2014-2828 | Improper Authentication vulnerability in Openstack Keystone The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the same authentication method in a request, aka "authentication chaining." | 7.8 |
2014-02-06 | CVE-2013-7130 | Information Exposure vulnerability in Openstack products The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. | 7.1 |
2013-08-20 | CVE-2013-2161 | Code Injection vulnerability in multiple products XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name. | 7.5 |