CVE-2016-8611

4.3MEDIUM

Key Information:

Vendor: The Openstack Foundation
Status: Openstack-glance
Vendor: CVE Published:; 31 July 2018

Summary

A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 /images API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.

Affected Version(s)

openstack-glance v1 and v2

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611

x_refsource_CONFIRM

http://www.securitytracker.com/id/1037312

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/94378

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2018
Vulnerability Reserved
Oct 12, 2016

.