Denial of Service Vulnerability in OpenStack Swift by OpenStack
CVE-2013-4155

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
20 August 2013

Summary

An issue exists in OpenStack Swift versions prior to 1.9.1 that allows authenticated users to inadvertently cause a denial of service. This occurs when an authenticated user sends a DELETE request with a timestamp older than the expected range, leading to excessive tombstone consumption and subsequent degradation of the Swift cluster's performance. Administrators should ensure they are running an updated version of OpenStack Swift to mitigate potential disruptions.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.