Denial of Service Vulnerability in OpenStack Dashboard by OpenStack
CVE-2014-8124

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
12 December 2014

Summary

The OpenStack Dashboard (Horizon) prior to versions 2014.1.3 and 2014.2.1 contains a vulnerability that improperly handles session records when configured with a database or memcached session engine. This flaw allows remote attackers to exploit the system by sending an excessive number of requests to the login page, potentially leading to service interruptions and denial of authentication access for legitimate users.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.