Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2015:1723
HistorySep 03, 2015 - 5:07 p.m.

(RHSA-2015:1723) Moderate: openstack-nova security update

2015-09-0317:07:37
access.redhat.com
11

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.008 Low

EPSS

Percentile

79.5%

JSON

OpenStack Compute (nova) launches and schedules large networks of virtual
machines, creating a redundant and scalable cloud computing platform.
Compute provides the software, control panels, and APIs required to
orchestrate a cloud, including running virtual machine instances and
controlling access through users and projects.

A denial of service flaw was found in the OpenStack Compute (nova) instance
migration process. Because the migration process does not terminate when an
instance is deleted, an authenticated user could bypass user quota and
deplete all available disk space by repeatedly re-sizing and deleting an
instance. (CVE-2015-3241)

Red Hat would like to thank the OpenStack project for reporting this
issue. Upstream acknowledges George Shuklin of Webzilla LTD as the
original reporter.

All openstack-nova users are advised to upgrade to these updated packages,
which correct this issue.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchopenstack-nova-network< 2015.1.0-18.el7ostopenstack-nova-network-2015.1.0-18.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-spicehtml5proxy< 2015.1.0-18.el7ostopenstack-nova-spicehtml5proxy-2015.1.0-18.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-novncproxy< 2015.1.0-18.el7ostopenstack-nova-novncproxy-2015.1.0-18.el7ost.noarch.rpm
RedHat7srcopenstack-nova< 2015.1.0-18.el7ostopenstack-nova-2015.1.0-18.el7ost.src.rpm
RedHat7noarchopenstack-nova-serialproxy< 2015.1.0-18.el7ostopenstack-nova-serialproxy-2015.1.0-18.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-api< 2015.1.0-18.el7ostopenstack-nova-api-2015.1.0-18.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-compute< 2015.1.0-18.el7ostopenstack-nova-compute-2015.1.0-18.el7ost.noarch.rpm
RedHat7noarchpython-nova< 2015.1.0-18.el7ostpython-nova-2015.1.0-18.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-conductor< 2015.1.0-18.el7ostopenstack-nova-conductor-2015.1.0-18.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-console< 2015.1.0-18.el7ostopenstack-nova-console-2015.1.0-18.el7ost.noarch.rpm
Rows per page:
1-10 of 171

Related

cve 1
veracode 2
debiancve 1
ubuntucve 1
prion 1
redhat 1
ibm 2
ubuntu 1
openvas 1
nessus 1
cve
cve
CVE-2015-3241
2015-09-08 15:59:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:07:42
Denial Of Service
2019-05-02 05:19:01
debiancve
debiancve
CVE-2015-3241
2015-09-08 15:59:00
ubuntucve
ubuntucve
CVE-2015-3241
2015-09-08 00:00:00
prion
prion
Design/Logic Flaw
2015-09-08 15:59:00
redhat
redhat
(RHSA-2015:1898) Moderate: openstack-nova security update
2015-10-15 12:09:54
ibm
ibm
Security Bulletin: OpenStack vulnerabilities affect IBM SmartCloud Entry(CVE-2015-5163 CVE-2015-3241 CVE-2015-5223)
2020-07-19 00:49:12
Security Bulletin: OpenStack vulnerabilities affect IBM Cloud Manager with Openstack (CVE-2015-5163 CVE-2015-3241 CVE-2015-5223)
2018-08-08 04:13:55
ubuntu
ubuntu
OpenStack Nova vulnerabilities
2017-10-11 00:00:00
openvas
openvas
Ubuntu Update for nova USN-3449-1
2017-10-12 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-3449-1)
2017-10-12 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.008 Low

EPSS

Percentile

79.5%

JSON
Related for RHSA-2015:1723
cve1veracode2debiancve1ubuntucve1prion1redhat1ibm2ubuntu1openvas1nessus1