Описание
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:2015.1~b1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:2014.1.4-0ubuntu2]] |
| lucid | DNE | |
| precise | not-affected | see notes |
| trusty | released | 1:2014.1.4-0ubuntu2 |
| trusty/esm | DNE | trusty was released [1:2014.1.4-0ubuntu2] |
| upstream | released | 2014.1.3-6 |
| utopic | not-affected | 1:2014.2.1-0ubuntu2 |
| vivid | not-affected | 1:2015.1~b1-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | includes regression fix |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [see notes]] |
| lucid | DNE | |
| precise | DNE | |
| trusty | not-affected | see notes |
| trusty/esm | DNE | trusty was not-affected [see notes] |
| upstream | released | 1.1.6-5 |
| utopic | not-affected | see notes |
| vivid | not-affected | see notes |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page.
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page.
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014 ...
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page.
EPSS
5 Medium
CVSS2