Suntao

**Name of the Vulnerable Software and Affected Versions** OpenStack Compute (Nova) versions prior to 2014.2.4 (juno) OpenStack Compute (Nova) versions 2015.1.x prior to 2015.1.2 (kilo) **Description** The issue allows remote attackers to bypass intended restrictions by leveraging an instance that was running when security group changes were made, due to the improper application of these changes. **Recommendations** For versions prior to 2014.2.4 (juno), update to version 2014.2.4 or later. For versions 2015.1.x prior to 2015.1.2 (kilo), update to version 2015.1.2 or later.