Improper input validation in Openstack Compute
CVE-2012-3371
The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and s…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.009 (75.7th percentile) — read the EPSS interpretation.
Affected products
- Openstack Compute — versions 2012.2
- Openstack Essex — versions 2012.1
- Openstack Folsom — versions 2012.2
- N/a — versions n/a
Weakness classification (CWE)
References
- 54388 (vdb-entry, x_refsource_BID)
- [openstack] 20120711 [OSSA 2012-009] Scheduler denial of service through scheduler_hints (CVE-2012-3371) (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (x_refsource_CONFIRM, Exploit)
- [oss-security] 20120711 [OSSA 2012-009] Scheduler denial of service through scheduler_hints (CVE-2012-3371) (mailing-list, x_refsource_MLIST)
- USN-1501-1 (x_refsource_UBUNTU, vendor-advisory)
- secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)