Denial of Service Vulnerability in OpenStack Compute by Canonical
CVE-2013-1838
Currently unrated
Summary
OpenStack Compute (Nova) versions Grizzly, Folsom, and Essex fail to adequately enforce quotas on fixed IPs. This weakness allows remote authenticated users to overwhelm the system by invoking the addFixedIp function excessively. As a result, the resource exhaustion leads to service disruption, preventing the spawning of new instances and impacting overall system availability.
References
Timeline
Vulnerability published
Vulnerability Reserved