4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.1%
The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.
CPE | Name | Operator | Version |
---|---|---|---|
openstack:nova | openstack nova | lt | 2013.1.5 |
openstack:nova | openstack nova | lt | 2013.2.2 |
openstack:nova | openstack nova | eq | 2014.1 |