Denial of Service Vulnerability in OpenStack Image Service (Glance)
CVE-2015-5286
Currently unrated
Key Information:
- Vendor
- Openstack
- Vendor
- CVE Published:
- 26 October 2015
Summary
The OpenStack Image Service (Glance) is susceptible to a vulnerability that allows remote authenticated users to bypass storage quotas. This occurs during the image upload process, where the token used can expire, enabling the deletion of images that are still being uploaded. This flaw stems from an incomplete fix for a prior vulnerability, leading to potential denial of service through excessive disk consumption.
References
Timeline
Vulnerability published
Vulnerability Reserved