Denial of Service Vulnerability in OpenStack Nova Scheduler
CVE-2012-3371

Currently unrated

Key Information:

Vendor
Openstack
Vendor
CVE Published:
17 July 2012

Summary

The Nova scheduler in OpenStack Compute is susceptible to a denial of service attack when specific filters are applied. This vulnerability allows remote authenticated users to exploit the system by sending requests containing numerous repeated IDs in the os:scheduler_hints section, resulting in excessive database lookup calls and potential server hang, impacting the overall performance of the system.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.