Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
OpenstackNova

9 matches found

CVE
CVEadded 2014/10/31 2:55 p.m.77 views

CVE-2014-3708

OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request.

4CVSS6.2AI score0.01057EPSS
CVE
CVEadded 2014/08/07 11:13 a.m.64 views

CVE-2014-3517

api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in re...

4.3CVSS6.4AI score0.00248EPSS
CVE
CVEadded 2014/10/06 2:55 p.m.63 views

CVE-2014-3608

The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: t...

2.7CVSS6.2AI score0.00689EPSS
CVE
CVEadded 2014/03/06 3:55 p.m.53 views

CVE-2013-6437

The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backin...

4CVSS6.1AI score0.00434EPSS
CVE
CVEadded 2014/01/23 9:55 p.m.53 views

CVE-2013-7048

OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.

3.3CVSS6AI score0.00055EPSS
CVE
CVEadded 2014/10/31 2:55 p.m.52 views

CVE-2014-8333

The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.

4CVSS6.2AI score0.00736EPSS
CVE
CVEadded 2014/10/08 7:55 p.m.48 views

CVE-2014-7230

The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.

2.1CVSS6.1AI score0.00123EPSS
CVE
CVEadded 2014/10/08 7:55 p.m.48 views

CVE-2014-7231

The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log.

2.1CVSS6.1AI score0.00157EPSS
CVE
CVEadded 2014/10/15 2:55 p.m.40 views

CVE-2014-8750

Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.

6.5CVSS6.3AI score0.01342EPSS