CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5286

OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting images that are being uploaded using a token that expires during the process. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-9623.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.0%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2015-5286

Openstack » Image Registry And Delivery Service (Glance) » Version: N/A

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):-
Openstack » Image Registry And Delivery Service (Glance) » Version: 2013.2

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2013.2
Openstack » Image Registry And Delivery Service (Glance) » Version: 2013.2.1

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2013.2.1
Openstack » Image Registry And Delivery Service (Glance) » Version: 2013.2.2

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2013.2.2
Openstack » Image Registry And Delivery Service (Glance) » Version: 2013.2.3

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2013.2.3
Openstack » Image Registry And Delivery Service (Glance) » Version: 2013.2.4

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2013.2.4
Openstack » Image Registry And Delivery Service (Glance) » Version: 2014.1

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2014.1
Openstack » Image Registry And Delivery Service (Glance) » Version: 2014.1.1

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2014.1.1
Openstack » Image Registry And Delivery Service (Glance) » Version: 2014.1.2

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2014.1.2
Openstack » Image Registry And Delivery Service (Glance) » Version: 2014.1.3

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2014.1.3
Openstack » Image Registry And Delivery Service (Glance) » Version: 2014.1.4

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2014.1.4
Openstack » Image Registry And Delivery Service (Glance) » Version: 2014.2

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2014.2
Openstack » Image Registry And Delivery Service (Glance) » Version: 2014.2.1

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2014.2.1
Openstack » Image Registry And Delivery Service (Glance) » Version: 2014.2.2

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2014.2.2
Openstack » Image Registry And Delivery Service (Glance) » Version: 2015.1.0

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2015.1.0
Openstack » Image Registry And Delivery Service (Glance) » Version: 2015.1.1

cpe:2.3:a:openstack:image_registry_and_delivery_service_(glance):2015.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5286

Products

Pricing

Contact Us