Denial of Service Vulnerability in OpenStack Compute (Nova)

Denial of Service Vulnerability in OpenStack Compute (Nova)

CVE-2013-1838 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to the addFixedIp function.

Learn more about our User Device Pen Test.