Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-5356

Опубликовано: 25 авг. 2014
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configuration option, which allows remote authenticated users to cause a denial of service (disk consumption) by uploading a large image.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):*:*:*:*:*:*:*:*
Версия до 2013.2.3 (включая)
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2013.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2014.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2014.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):2014.1.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):juno-1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:image_registry_and_delivery_service_\(glance\):juno-2:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 74%
0.00804
Низкий

4 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2014-5356

ubuntu
больше 11 лет назад

OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configuration option, which allows remote authenticated users to cause a denial of service (disk consumption) by uploading a large image.

redhat логотип

CVE-2014-5356

redhat
почти 12 лет назад

OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4, 2014.x before 2014.1.3, and Juno before Juno-3, when using the V2 API, does not properly enforce the image_size_cap configuration option, which allows remote authenticated users to cause a denial of service (disk consumption) by uploading a large image.

debian логотип

CVE-2014-5356

debian
больше 11 лет назад

OpenStack Image Registry and Delivery Service (Glance) before 2013.2.4 ...

github логотип

GHSA-479j-jf2p-38pg

github
больше 3 лет назад

OpenStack Glance improper validation of the image_size_cap configuration option

EPSS

Процентиль: 74%
0.00804
Низкий

4 Medium

CVSS2

Дефекты

CWE-264