CVE-2012-2101 – nova

Package

Manager: pip
Name: nova
Vulnerable Version: >=0 <12.0.0a0

Severity

Level: Low

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:R

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00885 pctl0.74491

Details

Openstack Compute (Nova) Denial of service via network request that triggers large number of iptables rules Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.

Metadata

Created: 2022-05-17T01:46:41Z
Modified: 2024-11-22T18:05:26Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-hq3f-9gf7-73r8/GHSA-hq3f-9gf7-73r8.json
CWE IDs: []
Alternative ID: GHSA-hq3f-9gf7-73r8
Finding: F002
Auto approve: 1