5 matches found
CVE-2022-37394
CVE-2022-37394 (OpenStack Nova) : An issue in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2 allows an authenticated user to cause a compute service denial of service. The attack sequence is: create a Neutron port with the direct vnic_type, create an instance bound to th...
CVE-2015-9543
OpenStack Nova up to 18.2.4, 19.x up to 19.1.0, and 20.x up to 20.1.0 is vulnerable to leaking consoleauth tokens into log files when using novncproxy. The issue is tied to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py. A user with read access to the service logs c...
CVE-2013-7048
CVE-2013-7048 affects OpenStack Nova (Grizzly 2013.1.4, Havana 2013.2.1 and earlier). The libvirt/live-snapshot path permissions were world-writable/world-readable in the temporary directory used for live snapshots, allowing a local attacker with shell access to read and modify snapshots before u...
CVE-2015-7548
CVE-2015-7548 affects OpenStack Nova (Kilo/liberty branch) and allows a local authenticated user to read host files by overwriting an instance disk with a crafted image and requesting a snapshot. The root cause is in the instance snapshot flow when using libvirt/early Nova code paths, enabling ar...
CVE-2012-2101
OpenStack Compute (Nova) in Folsom, 2012.1, and 2011.3, is vulnerable because it does not cap the number of security group rules. This allows remote authenticated users with certain permissions to trigger a denial of service by issuing a network request that creates a large number of iptables rul...