OpenStack Dashboard (Horizon) prior to 2014.1.3 and 2014.2.x prior to 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote malicious users to cause a denial of service via a large number of requests to the login page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack horizon |
||
fedoraproject fedora 21 |
||
opensuse opensuse 13.1 |
||
oracle solaris 11.2 |