Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9623

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2014-9623
Last Modified 05 Oct 2015 05:36:24
Published 23 Jan 2015 10:59:06
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-9623

Summary

OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.

Vulnerable Systems

Application

  • Openstack Image Registry And Delivery Service %28glance%29 2014.1.3

  • Openstack Image Registry And Delivery Service %28glance%29 2014.2

  • Redhat Openstack 5.0


References

CONFIRM - https://bugs.launchpad.net/glance/+bug/1398830

CONFIRM - https://bugs.launchpad.net/glance/+bug/1383973

MLIST - [oss-security] 20150118 Re: CVE request for vulnerability in OpenStack Glance

SECUNIA - 62165

REDHAT - RHSA-2015:0644

REDHAT - RHSA-2015:0838

REDHAT - RHSA-2015:0837


Last Updated: 27 May 2016 11:10:00