Vulnerability Details CVE-2014-8177
The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage Server), allows remote authenticated users to bypass the max_meta_count constraint via multiple crafted requests which exceed the limit when combined.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://rhn.redhat.com/errata/RHSA-2015-1845.html
- http://rhn.redhat.com/errata/RHSA-2015-1846.html
- http://www.openwall.com/lists/oss-security/2015/08/27/5
- https://bugzilla.redhat.com/show_bug.cgi?id=1257525
- http://rhn.redhat.com/errata/RHSA-2015-1845.html
- http://rhn.redhat.com/errata/RHSA-2015-1846.html
- http://www.openwall.com/lists/oss-security/2015/08/27/5
- https://bugzilla.redhat.com/show_bug.cgi?id=1257525
Products affected by CVE-2014-8177
-
cpe:2.3:a:redhat:gluster_storage_management_console:3.1
-
cpe:2.3:a:redhat:gluster_storage_server:3.1
-
cpe:2.3:a:redhat:storage_native_client:-
-
cpe:2.3:o:redhat:enterprise_linux:6.0
-
cpe:2.3:o:redhat:enterprise_linux:7.0