Openstack: >> Nova >> 2013.1.3 Security Vulnerabilities
The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings, which triggers the creation of a new ephemeral disk backing file.
CVSS Score
4.0
EPSS Score
0.004
Published
2014-03-06
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots.
CVSS Score
3.3
EPSS Score
0.001
Published
2014-01-23