4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.1%
OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated
users to bypass the max_meta_count and other metadata constraints via
multiple crafted requests which exceed the limit when combined.
Author | Note |
---|---|
jdstrand | per upstream, this is a minor issue |
lists.openstack.org/pipermail/openstack-announce/2014-October/000291.html
launchpad.net/bugs/cve/CVE-2014-7960
marc.info/?l=oss-security&m=141275839830221&w=2
nvd.nist.gov/vuln/detail/CVE-2014-7960
rhn.redhat.com/errata/RHSA-2015-0836.html
security-tracker.debian.org/tracker/CVE-2014-7960
ubuntu.com/security/notices/USN-2704-1
www.cve.org/CVERecord?id=CVE-2014-7960