Denial of Service Vulnerability in OpenStack Glance Image Registry and Delivery Service

Denial of Service Vulnerability in OpenStack Glance Image Registry and Delivery Service

CVE-2014-5356 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configuration option, which allows remote authenticated users to cause a denial of service (disk consumption) by uploading a large image.

Learn more about our Api Penetration Testing.