Lucene search
K
OpenstackNova

7 matches found

CVE
CVE
added 2014/10/31 2:0 p.m.100 views

CVE-2014-3708

CVE-2014-3708 affects OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1. The vulnerability arises from how an IP filter is processed in the list active servers API request, allowing remote authenticated users to cause a denial of service (CPU consumption). Public advisories (R...

4CVSS6.2AI score0.02783EPSS
CVE
CVE
added 2012/08/17 12:0 a.m.93 views

CVE-2012-1585

CVE-2012-1585 affects OpenStack Compute (Nova) Essex before 2011.3. The vulnerability allows remote authenticated users to cause a denial of service by submitting a long server name, which triggers excessive growth of the nova-api log file and disk consumption. The connected documents confirm the...

4CVSS5.2AI score0.02073EPSS
CVE
CVE
added 2014/08/07 10:0 a.m.87 views

CVE-2014-3517

OpenStack Nova metadata proxy (api/metadata/handler.py) is affected when proxying metadata requests through Neutron. The vulnerability allows timing-based brute-forcing to guess instance ID signatures. Affected ranges include OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and J...

4.3CVSS6.4AI score0.01938EPSS
CVE
CVE
added 2012/08/20 6:0 p.m.76 views

CVE-2012-3447

OpenStack Compute (Nova) vulnerability affecting the 2012.1.x branch prior to 2012.1.2 and Folsom prior to Folsom-3. A remote authenticated user can overwrite arbitrary files via a symlink attack on a file inside an image that uses a symlink readable only by root. The issue stems from an incomple...

4.9CVSS6.2AI score0.01933EPSS
CVE
CVE
added 2014/03/06 3:0 p.m.76 views

CVE-2013-6437

The CVE-2013-6437 issue affects the libvirt driver in OpenStack Nova (Compute) prior to 2013.2.2 and IceHouse prior to icehouse-2. An authenticated user can trigger disk growth and denial of service by repeatedly creating and deleting instances while using unique os_type settings, causing the cre...

4CVSS6.1AI score0.0202EPSS
CVE
CVE
added 2014/10/31 2:0 p.m.73 views

CVE-2014-8333

CVE-2014-8333 affects the VMware driver in OpenStack Compute (Nova) prior to 2014.1.4. An authenticated user can trigger a denial-of-service (disk consumption) by deleting an instance that is in the resize state, causing backend resource exhaustion. Remediation reported in associated advisories: ...

4CVSS6.2AI score0.02006EPSS
CVE
CVE
added 2012/01/13 6:0 p.m.61 views

CVE-2012-0030

CVE-2012-0030 affects Nova 2011.3 and Essex when using the OpenStack API, allowing remote authenticated users to bypass tenant access restrictions via a modified project_id in an OSAPI request. Root cause: insufficient validation of project_id in OSAPI calls. A fix is available in OpenStack Nova ...

4.9CVSS5.3AI score0.01758EPSS