CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
EPSS
Percentile
85.9%
Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the
number of security group rules, which allows remote authenticated users
with certain permissions to cause a denial of service (CPU and hard drive
consumption) via a network request that triggers a large number of iptables
rules.