Jhenner

Researcher at Red Hat
#39027 of 53,630
7.1 CVSS total
Vulnerabilities · 1
PT-2014-4786
7.1
2014-03-25
Openstack · Openstack Compute · CVE-2014-2573
**Name of the Vulnerable Software and Affected Versions**

OpenStack Compute (Nova) versions 2013.2 through 2013.2.2

**Description**

The issue allows remote authenticated users to bypass the quota limit and cause a denial of service by requesting that a VM be put into rescue and then deleting the image, due to the VMware driver not properly putting VMs into RESCUE status.

**Recommendations**

For OpenStack Compute (Nova) versions 2013.2 through 2013.2.2, consider restricting access to the VM rescue functionality to prevent unauthorized users from exploiting this issue. As a temporary workaround, consider implementing additional quota checks to limit resource consumption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.