Vulnerability in Openstack Cinder

CVE-2013-4202

The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an…

EPSS: 0.008 (75.1th percentile) — read the EPSS interpretation.

Affected products

Openstack Cinder
Canonical Ubuntu_linux — versions 13.04
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

RHSA-2013:1198 (x_refsource_REDHAT, vendor-advisory, Patch, Third Party Advisory)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)
USN-2005-1 (x_refsource_UBUNTU, vendor-advisory, Third Party Advisory)