) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Keyword (text search): cpe:2.3:a:openstack:nova:2013.2.4:*:*:*:*:*:*:*
- CPE Name Search: true
There are 2 matching records.
Displaying matches 1 through 2.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2014-3608 |
The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573. Published: October 06, 2014; 10:55:09 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 2.7 LOW |
| CVE-2014-3517 |
api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests. Published: August 07, 2014; 7:13:34 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |