Handler on Duty: Rob VandenBrink
Threat Level: green
| Published | 2016-09-27 15:59:00 |
|---|---|
| Last Modified | 2023-02-12 23:25:00 |
| AKA | CVE-2016-7498 |
| Summary | OpenStack Compute (nova) 13.0.0 does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state. NOTE: this vulnerability exists because of a CVE-2015-3280 regression. |
| CVSS Score | 6.8 |
| Access Vector | Local | Adjacent | Network |
|---|---|---|---|
| Access Complexity | Low | Medium | High |
| Authentication | None | Single | Multiple |
| Confidentiality | None | Partial | Complete |
| Integrity | None | Partial | Complete |
| Availability | None | Partial | Complete |
