Memory Leak in OpenStack Neutron Routes Middleware
CVE-2021-40797
6.5MEDIUM
Summary
In OpenStack Neutron, an identified flaw in the routes middleware can be exploited by authenticated users through API requests targeting nonexistent controllers. This misuse leads to excessive memory consumption by the API worker, which adversely affects API performance and can potentially result in a denial of service. Appropriate measures or updates are recommended to mitigate this issue.
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved