CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
80.4%
Dan Prince discovered that the Nova scheduler, when using
DifferentHostFilter or SameHostFilter, would make repeated database
instance lookup calls based on passed scheduler hints. An authenticated
attacker could use this to cause a denial of service.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 12.04 | noarch | python-nova | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | nova-ajax-console-proxy | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | nova-api | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | nova-api-ec2 | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | nova-api-metadata | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | nova-api-os-compute | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | nova-api-os-volume | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | nova-cert | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | nova-common | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | nova-compute | < 2012.1+stable~20120612-3ee026e-0ubuntu1.2 | UNKNOWN |