Veracode Vulnerability DatabaseVERACODE:11796Denial Of Service (DoS)
EPSS
Percentile
82.0%
openstack-nova is vulnerable to denial of service (DoS) attacks. The vulnerability exists as OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
References
rhn.redhat.com/errata/RHSA-2015-1723.html
rhn.redhat.com/errata/RHSA-2015-1898.html
www.securityfocus.com/bid/75372
access.redhat.com/errata/RHSA-2015:1723
access.redhat.com/errata/RHSA-2015:1898
access.redhat.com/security/cve/CVE-2015-3241
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1232782
github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml
launchpad.net/bugs/1387543
rhn.redhat.com/errata/RHSA-2015-1723.html
security.openstack.org/ossa/OSSA-2015-015.html
Related
