Denial of Service Vulnerability in OpenStack Image Registry by OpenStack
CVE-2015-1881
Currently unrated
Key Information:
- Vendor
- Openstack
- Vendor
- CVE Published:
- 24 February 2015
Summary
The OpenStack Image Registry and Delivery Service (Glance) versions 2014.2 through 2014.2.2 have a vulnerability that fails to properly manage image removal. This oversight allows remote authenticated users to exploit the system by creating a large volume of images through the task v2 API, followed by their deletion. This leads to excessive disk consumption and can disrupt service availability.
References
Timeline
Vulnerability published
Vulnerability Reserved