Denial of Service Vulnerability in OpenStack Compute by OpenStack
CVE-2015-3280
Currently unrated
Summary
The OpenStack Compute (nova) component prior to versions 2014.2.4 and 2015.1.2 contains a vulnerability that permits remote authenticated users to manipulate the lifecycle of compute instances. By failing to properly remove instances during the resizing process, users can exploit this flaw to fill available disk space, leading to performance degradation and service unavailability.
References
Timeline
Vulnerability published
Vulnerability Reserved