OSSA-2014-038: Nova network DoS through API filtering

OSSA-2014-038: Nova network DoS through API filtering

Date

October 28, 2014

CVE

CVE-2014-3708

Affects

  • Nova: up to 2014.1.3, and 2014.2

Description

Mohammed Naser from Vexxhost reported a vulnerability in Nova API filters. By listing active servers using an ip filter, an authenticated user may overload nova-network or neutron-server process, resulting in a denial of services. All Nova setups are affected.

Credits

  • Mohammed Naser from Vexxhost (CVE-2014-3708)

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.