Denial of Service Vulnerability in OpenStack Compute by Apache Qpid
CVE-2013-4261
Currently unrated
Summary
OpenStack Compute (Nova) instances that utilize Apache Qpid for the RPC messaging backend exhibit a vulnerability where improper error handling can lead to a denial of service. This can be exploited by remote attackers who send multiple requests with excessively long strings to the instance console, ultimately depleting the connection pool and rendering the service unavailable. It is essential for administrators to recognize and mitigate this vulnerability in vulnerable versions to safeguard their deployments against potential abuse.
References
Timeline
Vulnerability published
Vulnerability Reserved