Vulnerability Details CVE-2013-4185
Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via a large number of server-creation operations, which triggers a large number of update requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.9%
CVSS Severity
CVSS v2 Score 4.0
References
Products affected by CVE-2013-4185
-
cpe:2.3:a:openstack:compute:2013.1
-
cpe:2.3:a:openstack:compute:2013.1.1
-
cpe:2.3:a:openstack:compute:2013.1.2
-
cpe:2.3:a:openstack:compute:2013.2
-
cpe:2.3:a:openstack:compute:2013.2.1
-
cpe:2.3:a:openstack:compute:2013.2.2
-
cpe:2.3:a:redhat:openstack:3.0