ID |
CVE-2013-6437
|
Summary |
The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:openstack:nova:2013.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.1:*:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.1.0:rc1:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.1.0:rc2:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.1.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.1.2:*:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.1.3:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.1.3:*:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.1.4:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.1.4:*:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.2:*:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.2.0:beta1:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.2.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.2.0:beta2:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.2.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.2.0:beta3:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.2.0:rc1:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.2.0:rc2:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2013.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2013.2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:openstack:nova:2014.1:milestone1:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2014.1:milestone1:*:*:*:*:*:*
|
CVSS |
Base: | 4.0 (as of 16-11-2018 - 14:55) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-399 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
SINGLE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
redhat
via4
|
advisories | | rpms | - openstack-nova-0:2013.2.2-2.el6ost
- openstack-nova-api-0:2013.2.2-2.el6ost
- openstack-nova-cells-0:2013.2.2-2.el6ost
- openstack-nova-cert-0:2013.2.2-2.el6ost
- openstack-nova-common-0:2013.2.2-2.el6ost
- openstack-nova-compute-0:2013.2.2-2.el6ost
- openstack-nova-conductor-0:2013.2.2-2.el6ost
- openstack-nova-console-0:2013.2.2-2.el6ost
- openstack-nova-doc-0:2013.2.2-2.el6ost
- openstack-nova-network-0:2013.2.2-2.el6ost
- openstack-nova-novncproxy-0:2013.2.2-2.el6ost
- openstack-nova-objectstore-0:2013.2.2-2.el6ost
- openstack-nova-scheduler-0:2013.2.2-2.el6ost
- python-nova-0:2013.2.2-2.el6ost
|
|
refmap
via4
|
|
Last major update |
16-11-2018 - 14:55 |
Published |
06-03-2014 - 15:55 |
Last modified |
16-11-2018 - 14:55 |