CVE-2012-2101

2012-04-1900:00:00

ubuntu.com

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS

0.013

Percentile

85.9%

JSON

Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the
number of security group rules, which allows remote authenticated users
with certain permissions to cause a denial of service (CPU and hard drive
consumption) via a network request that triggers a large number of iptables
rules.

Bugs

<https://bugs.launchpad.net/nova/+bug/969545>

OSVersionArchitecturePackageVersionFilename
ubuntu11.10noarchnova< 2011.3-0ubuntu6.6UNKNOWN
ubuntu12.04noarchnova< 2012.1-0ubuntu2.1UNKNOWN
ubuntu12.10noarchnova< 2012.1-0ubuntu2.1UNKNOWN