icon

We found results for “

CVE-2014-2573

Good to know:

icon

Date: March 25, 2014

The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM be put into rescue and then deleting the image.

Language: Python

Severity Score

Severity Score

Weakness Type (CWE)

Permissions, Privileges, and Access Control

CWE-264

Top Fix

icon

Upgrade Version

Upgrade to version 2013.2.4

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): LOW

CVSS v2

Base Score:
Access Vector (AV): ADJACENT
Access Complexity (AC): MEDIUM
Authentication (AU): SINGLE
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us