CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-2573

The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM be put into rescue and then deleting the image.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.5%

CVSS Severity

CVSS v2 Score 2.3

References

http://secunia.com/advisories/57498
http://www.openwall.com/lists/oss-security/2014/03/21/1
http://www.openwall.com/lists/oss-security/2014/03/21/2
https://bugs.launchpad.net/nova/+bug/1269418
http://secunia.com/advisories/57498
http://www.openwall.com/lists/oss-security/2014/03/21/1
http://www.openwall.com/lists/oss-security/2014/03/21/2
https://bugs.launchpad.net/nova/+bug/1269418

Products affected by CVE-2014-2573

Openstack » Compute » Version: 2013.2

cpe:2.3:a:openstack:compute:2013.2
Openstack » Compute » Version: 2013.2.1

cpe:2.3:a:openstack:compute:2013.2.1
Openstack » Compute » Version: 2013.2.2

cpe:2.3:a:openstack:compute:2013.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2573

Products

Pricing

Contact Us