Lucene search

GitHub Advisory DatabaseGHSA-MFMJ-GWG3-VHW7

HistoryMay 14, 2022 - 1:58 a.m.

OpenStack Compute (nova) allows remote authenticated users to cause a denial of service

2022-05-1401:58:45

GitHub Advisory Database

github.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.006 Low

EPSS

Percentile

78.9%

JSON

OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.

CPENameOperatorVersion
novalt2015.1.2
novalt2014.2.4

CPE	Name	Operator	Version
	nova	lt	2015.1.2
	nova	lt	2014.2.4

References

rhn.redhat.com/errata/RHSA-2015-1898.html

www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

www.securityfocus.com/bid/76553

access.redhat.com/errata/RHSA-2015:1898

access.redhat.com/security/cve/CVE-2015-3280

bugzilla.redhat.com/show_bug.cgi?id=1257942

github.com/advisories/GHSA-mfmj-gwg3-vhw7

launchpad.net/bugs/1392527

nvd.nist.gov/vuln/detail/CVE-2015-3280

security.openstack.org/ossa/OSSA-2015-017.html

web.archive.org/web/20200228023247/www.securityfocus.com/bid/76553

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.006 Low

EPSS

Percentile

78.9%

JSON

Related for GHSA-MFMJ-GWG3-VHW7