Vulnerability in Openstack Nova
CVE-2014-3608
The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which pu…
EPSS: 0.007 (72.2th percentile) — read the EPSS interpretation.
Affected products
- Openstack Nova
- N/a — versions n/a
Weakness classification (CWE)
References
- RHSA-2014:1782 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- RHSA-2014:1781 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- secalert@redhat.com (x_refsource_CONFIRM, Exploit, Third Party Advisory)
- [oss-security] 20141002 [OSSA 2014-032] Nova VMware driver still leaks rescued images (CVE-2014-3608) (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
- 70220 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)