Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-4202

Опубликовано: 08 авг. 2013
Источник: redhat
CVSS2: 5
EPSS Низкий

Описание

The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenStack Platform 4openstack-cinderAffected
OpenStack 3 for RHEL 6openstack-cinderFixedRHSA-2013:119803.09.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=991630OpenStack: Cinder Denial of Service using XML entities

EPSS

Процентиль: 74%
0.00841
Низкий

5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-4202

ubuntu
больше 12 лет назад

The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.

nvd логотип

CVE-2013-4202

nvd
больше 12 лет назад

The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.

debian логотип

CVE-2013-4202

debian
больше 12 лет назад

The (1) backup (api/contrib/backups.py) and (2) volume transfer (contr ...

github логотип

GHSA-mfg4-9xf4-f45q

github
больше 3 лет назад

OpenStack Cinder Denial of Service using XML entities

EPSS

Процентиль: 74%
0.00841
Низкий

5 Medium

CVSS2