A denial of service flaw was found in the nova VMware driver. An authenticated user could exceed their quota by placing an image into rescue and then deleting it, causing the rescue image to be left behind. Note that only setups using the nova VMware driver were affected.
Find out more about CVE-2014-2573 from the MITRE CVE dictionary dictionary and NIST NVD.
NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.
Base Score | 4 |
---|---|
Base Metrics | AV:N/AC:L/Au:S/C:N/I:N/A:P |
Access Vector | Network |
Access Complexity | Low |
Authentication | Single |
Confidentiality Impact | None |
Integrity Impact | None |
Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Platform | Package | State |
---|---|---|
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) | openstack-nova | Not affected |
Red Hat Enterprise Linux OpenStack Platform 4.0 | openstack-nova | Will not fix |
Red Hat Enterprise Linux OpenStack Platform 3.0 | openstack-nova | Will not fix |