CVE-2015-3241

Currently unrated 🤨

Key Information

Vendor: Openstack
Status: Nova
Vendor: CVE Published:; 8 September 2015

Summary

OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.

References

http://rhn.redhat.com/errata/RHSA-2015-1723.html

vendor-advisoryx_refsource_REDHAT

http://www.securityfocus.com/bid/75372

vdb-entryx_refsource_BID

http://rhn.redhat.com/errata/RHSA-2015-1898.html

vendor-advisoryx_refsource_REDHAT

EPSS Score

2% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 8, 2015
Vulnerability Reserved
Apr 10, 2015

Collectors

NVD DatabaseMitre Database