38 matches found
CVE-2021-3654
The CVE-2021-3654 issue affects openstack-nova’s console proxy, noVNC, where crafting a malicious URL can trigger an open redirect to an attacker-controlled site. This could enable users to be redirected to a malicious page, potentially exposing sensitive information or enabling further actions. ...
CVE-2019-14433
The CVE-2019-14433 issue affects OpenStack Nova (versions before 17.0.12, 18.x before 18.2.2, 19.x before 19.0.2). It allows authenticated API requests that fault to leak environment details in responses, potentially exposing sensitive configuration data (partial confidentiality impact). Red Hat ...
CVE-2022-47951
CVE-2022-47951 affects OpenStack components (Cinder, Glance, Nova): by supplying a specially crafted VMDK flat image referencing a backing file path, an authenticated user could cause the server to return the contents of that backing file, enabling unauthorized data access. Affected ranges: Cinde...
CVE-2020-17376
CVE-2020-17376 : In OpenStack Nova, a vulnerability in Guest.migrate (virt/libvirt/guest.py) allows a user to access destination-host devices that share paths with source-host devices after performing a soft reboot of an instance that has previously undergone live migration. Affected are OpenStac...
CVE-2022-37394
CVE-2022-37394 (OpenStack Nova) : An issue in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2 allows an authenticated user to cause a compute service denial of service. The attack sequence is: create a Neutron port with the direct vnic_type, create an instance bound to th...
CVE-2011-4076
OpenStack Nova before 2012.1 is affected: if a user possesses an EC2_ACCESS_KEY (like a username), they may derive the EC2_SECRET_KEY (password). Exposing the EC2_ACCESS_KEY over HTTP or via tools that enable MITM over HTTPS could allow an attacker to obtain the secret key; brute-forcing EC2_ACCE...
CVE-2017-18191
CVE-2017-18191 - OpenStack Nova: In OpenStack Nova 15.x (up to 15.1.0) and 16.x (up to 16.1.1), detaching and reattaching an encrypted volume can allow an attacker to access the underlying raw volume and corrupt the LUKS header, causing a denial of service on the compute host (data loss is noted ...
CVE-2024-40767
CVE-2024-40767 affects OpenStack Nova: before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, where supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or a VMDK flat image with a descriptor file path can cause the server to return the contents of the refe...
CVE-2024-32498
CVE-2024-32498 affects OpenStack components: Cinder (up to 24.0.0), Glance (up to 28.0.2), and Nova (up to 29.0.3). The issue allows arbitrary file access via a crafted QCOW2 external data reference; an authenticated user can cause the server to return contents of a sensitive file by referencing ...
CVE-2015-3241
OpenStack Nova is affected by CVE-2015-3241. The issue: during instance migration, deleting an instance does not terminate the migration, enabling an authenticated remote user to cause denial of service by resizing and deleting instances, consuming disk/network/resources. Affected releases includ...
CVE-2015-9543
OpenStack Nova up to 18.2.4, 19.x up to 19.1.0, and 20.x up to 20.1.0 is vulnerable to leaking consoleauth tokens into log files when using novncproxy. The issue is tied to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py. A user with read access to the service logs c...
CVE-2014-3708
CVE-2014-3708 affects OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1. The vulnerability arises from how an IP filter is processed in the list active servers API request, allowing remote authenticated users to cause a denial of service (CPU consumption). Public advisories (R...
CVE-2015-5162
CVE-2015-5162 affects OpenStack components OpenStack Cinder, Glance, and Nova where the image parser does not properly limit qemu-img calls. This can allow an unprivileged user to trigger a denial of service through crafted disk images, consuming RAM and disk space on the compute host. Affected v...
CVE-2012-1585
CVE-2012-1585 affects OpenStack Compute (Nova) Essex before 2011.3. The vulnerability allows remote authenticated users to cause a denial of service by submitting a long server name, which triggers excessive growth of the nova-api log file and disk consumption. The connected documents confirm the...
CVE-2017-16239
CVE-2017-16239 affects OpenStack Nova: when rebuilding an instance, authenticated users may bypass the Filter Scheduler (e.g., ImagePropertiesFilter, IsolatedHostsFilter), affecting all setups using the Nova Filter Scheduler across 14.x, 15.x, and 16.x branches. Root cause is a regression that al...
CVE-2013-2256
CVE-2013-2256 concerns OpenStack Compute (Nova) where, prior to 2013.1.3 (and Havana prior to havana-2), the system did not properly enforce the os-flavor-access:is_public property. This allowed remote authenticated users to obtain flavor information, boot arbitrary flavors by guessing IDs, and p...
CVE-2016-2140
CVE-2016-2140 concerns OpenStack Nova’s libvirt driver. When using raw storage with use_cow_images = false, crafted qcow2 headers could allow a remote authenticated user to read arbitrary files on the host via an ephemeral or root disk. The issue affects OpenStack Compute (Nova) releases prior to...
CVE-2014-3608
CVE-2014-3608 affects the OpenStack Nova VMware driver. The vulnerability arises when a VM is put into RESCUE, causing quota bypass and DoS via image deletion; it stems from an incomplete fix for CVE-2014-2573. Affected: OpenStack Nova VMware driver (2013.2 to 2013.2.2 and before 2014.1.3). Impac...
CVE-2015-7713
CVE-2015-7713 affects OpenStack Nova. The vulnerability arises when security group changes are not correctly applied to already-running instances, allowing remote attackers to bypass intended network restrictions. Affected releases: OpenStack Nova before 2014.2.4 (juno) and before 2015.1.x before...
CVE-2014-3517
OpenStack Nova metadata proxy (api/metadata/handler.py) is affected when proxying metadata requests through Neutron. The vulnerability allows timing-based brute-forcing to guess instance ID signatures. Affected ranges include OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and J...
CVE-2015-3280
OpenStack Compute (Nova) vulnerability CVE-2015-3280: when an authenticated user deletes an instance that is in the resize state, the original instance may not be deleted from the compute node, enabling a denial of service (disk depletion). This affects OpenStack Nova deployments such as OpenStac...
CVE-2015-0259
CVE-2015-0259 affects OpenStack Compute (Nova) prior to specific revisions (OpenStack Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3) where the websocket origin is not validated. This enables remote attackers to hijack a user’s authenticated session for console access via ...
CVE-2015-7548
CVE-2015-7548 affects OpenStack Nova (Kilo/liberty branch) and allows a local authenticated user to read host files by overwriting an instance disk with a crafted image and requesting a snapshot. The root cause is in the instance snapshot flow when using libvirt/early Nova code paths, enabling ar...
CVE-2017-7214
The CVE-2017-7214 issue affects OpenStack Nova, where legacy notification exception contexts in ERROR level logs may reveal sensitive data (e.g., passwords, tokens) via exception_wrapper.py. Affected series include 13.x–15.0.1; exploitation details are not provided in the documents. Red Hat advis...
CVE-2013-6437
The CVE-2013-6437 issue affects the libvirt driver in OpenStack Nova (Compute) prior to 2013.2.2 and IceHouse prior to icehouse-2. An authenticated user can trigger disk growth and denial of service by repeatedly creating and deleting instances while using unique os_type settings, causing the cre...
CVE-2013-7048
CVE-2013-7048 affects OpenStack Nova (Grizzly 2013.1.4, Havana 2013.2.1 and earlier). The libvirt/live-snapshot path permissions were world-writable/world-readable in the temporary directory used for live snapshots, allowing a local attacker with shell access to read and modify snapshots before u...
CVE-2012-3447
OpenStack Compute (Nova) vulnerability affecting the 2012.1.x branch prior to 2012.1.2 and Folsom prior to Folsom-3. A remote authenticated user can overwrite arbitrary files via a symlink attack on a file inside an image that uses a symlink readable only by root. The issue stems from an incomple...
CVE-2014-8333
CVE-2014-8333 affects the VMware driver in OpenStack Compute (Nova) prior to 2014.1.4. An authenticated user can trigger a denial-of-service (disk consumption) by deleting an instance that is in the resize state, causing backend resource exhaustion. Remediation reported in associated advisories: ...
CVE-2014-7231
OpenStack Oslo utility library issue CVE-2014-7231 affects Cinder, Nova, and Trove before versions 2013.2.4 and 2014.1 before 2014.1.3. The strutils.mask_password() function did not properly mask passwords in command logs, enabling a local user with read access to logs to retrieve passwords. Reme...
CVE-2014-7230
CVE-2014-7230 affects OpenStack components (oslo-incubator, Cinder, Nova, Trove). The vulnerability arises in processutils.execute where certain commands that trigger a ProcessExecutionError may write passwords to logs, allowing local attackers to read them. Mitigations involve upgrading to upstr...
CVE-2011-4596
OpenStack Nova vulnerability CVE-2011-4596 affects OpenStack Nova before 2011.3.1 when EC2 API and the S3/RegisterImage image-registration method are enabled. It allows remote authenticated users to overwrite arbitrary files via a crafted tarball or manifest. Impact details in the reference CVSS ...
CVE-2015-8749
CVE-2015-8749 affects OpenStack Nova (Compute) when using the Xen backend. The function volume_utils._parse_volume_info can cause the StorageError message to include the connection_info dictionary, potentially exposing sensitive password information via logs or other vectors. Affected versions: O...
CVE-2017-17051
OpenStack Nova CVE-2017-16239 affects stable/pike and later with the fix for OSSA-2017-005. By repeatedly rebuilding an instance with new images using the default FilterScheduler, an authenticated user may cause untracked resource allocations on a hypervisor, leading to denial of service (doubled...
CVE-2012-0030
CVE-2012-0030 affects Nova 2011.3 and Essex when using the OpenStack API, allowing remote authenticated users to bypass tenant access restrictions via a modified project_id in an OSAPI request. Root cause: insufficient validation of project_id in OSAPI calls. A fix is available in OpenStack Nova ...
CVE-2014-8750
CVE-2014-8750 is a race condition in the OpenStack Nova VMware driver related to VNC port allocation. An authenticated user could cause two instances to receive the same VNC port, potentially exposing unauthorized consoles across tenants. Affected setups are those using the VMware driver with the...
CVE-2013-0326
Technical details about CVE-2013-0326 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2012-2101
OpenStack Compute (Nova) in Folsom, 2012.1, and 2011.3, is vulnerable because it does not cap the number of security group rules. This allows remote authenticated users with certain permissions to trigger a denial of service by issuing a network request that creates a large number of iptables rul...
CVE-2011-3147
CVE-2011-3147 concerns OpenStack Nova: when processing a malicious qcow filesystem, versions of Nova prior to 2012.1 could expose host hypervisor filesystem information to the guest. Multiple sources (e.g., OSV, GHSA advisories, and CVE records) describe the issue as a qcow-related exposure of ho...