4 matches found
CVE-2015-3241
OpenStack Nova is affected by CVE-2015-3241. The issue: during instance migration, deleting an instance does not terminate the migration, enabling an authenticated remote user to cause denial of service by resizing and deleting instances, consuming disk/network/resources. Affected releases includ...
CVE-2015-7713
CVE-2015-7713 affects OpenStack Nova. The vulnerability arises when security group changes are not correctly applied to already-running instances, allowing remote attackers to bypass intended network restrictions. Affected releases: OpenStack Nova before 2014.2.4 (juno) and before 2015.1.x before...
CVE-2015-3280
OpenStack Compute (Nova) vulnerability CVE-2015-3280: when an authenticated user deletes an instance that is in the resize state, the original instance may not be deleted from the compute node, enabling a denial of service (disk depletion). This affects OpenStack Nova deployments such as OpenStac...
CVE-2015-0259
CVE-2015-0259 affects OpenStack Compute (Nova) prior to specific revisions (OpenStack Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3) where the websocket origin is not validated. This enables remote attackers to hijack a user’s authenticated session for console access via ...