Denial Of Service (DoS)

2019-01-1508:58:17

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.003 Low

EPSS

Percentile

68.1%

JSON

openstack-swift is vulnerable to denial of service (DoS) attacks. The vulnerabiltiy exists as OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service (“superfluous” tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected.

CPENameOperatorVersion
openstack-swifteq1.4.8__4.el6
openstack-swifteq1.8.0__3.el6ost
openstack-swifteq1.8.0__2.el6ost
openstack-swifteq1.7.4__2.el6
openstack-swifteq1.7.4__11.el6ost
openstack-swifteq1.7.4__7.el6ost
openstack-swifteq1.4.8__5.el6
openstack-swifteq1.7.4__9.el6ost
openstack-swifteq1.8.0__6.el6ost

Name	Operator	Version
openstack-swift	eq	1.4.8__4.el6
openstack-swift	eq	1.8.0__3.el6ost
openstack-swift	eq	1.8.0__2.el6ost
openstack-swift	eq	1.7.4__2.el6
openstack-swift	eq	1.7.4__11.el6ost
openstack-swift	eq	1.7.4__7.el6ost
openstack-swift	eq	1.4.8__5.el6
openstack-swift	eq	1.7.4__9.el6ost
openstack-swift	eq	1.8.0__6.el6ost