Lucene search

PRIOn knowledge basePRION:CVE-2015-3241

HistorySep 08, 2015 - 3:59 p.m.

Design/Logic Flaw

2015-09-0815:59:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.008 Low

EPSS

Percentile

81.5%

JSON

OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.

CPENameOperatorVersion
novage2015.1.0
novale2015.1.1
novage2014.2
novale2014.2.3

Name	Operator	Version
nova	ge	2015.1.0
nova	le	2015.1.1
nova	ge	2014.2
nova	le	2014.2.3

References

rhn.redhat.com/errata/RHSA-2015-1723.html

rhn.redhat.com/errata/RHSA-2015-1898.html

www.securityfocus.com/bid/75372

github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml

launchpad.net/bugs/1387543

security.openstack.org/ossa/OSSA-2015-015.html

6.6 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.008 Low

EPSS

Percentile

81.5%

JSON

Related for PRION:CVE-2015-3241