Vulnerability in Openstack Swift
CVE-2014-7960
OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints via multiple crafted requests which exceed the limit when combined.
EPSS: 0.003 (53.4th percentile) — read the EPSS interpretation.
Affected products
- Openstack Swift
- N/a — versions n/a
Weakness classification (CWE)
References
- SUSE-SU-2015:1846 (vendor-advisory, x_refsource_SUSE)
- [oss-security] 20141008 Re: CVE request for vulnerability in OpenStack Swift (mailing-list, x_refsource_MLIST)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- RHSA-2015:1495 (x_refsource_REDHAT, vendor-advisory)
- RHSA-2015:0835 (x_refsource_REDHAT, vendor-advisory)
- openstack-swift-cve20147960-sec-bypass(96901) (vdb-entry, x_refsource_XF)
- [oss-security] 20141007 CVE request for vulnerability in OpenStack Swift (mailing-list, x_refsource_MLIST)
- cve@mitre.org (x_refsource_CONFIRM)
- USN-2704-1 (x_refsource_UBUNTU, vendor-advisory)
- 70279 (vdb-entry, x_refsource_BID)