Name of the Vulnerable Software and Affected Versions Openstack Compute (Nova) versions 2011.3 through 2012.1

Description The issue allows remote authenticated users with certain permissions to cause a denial of service by consuming CPU and hard drive resources via a network request that triggers a large number of iptables rules, due to the lack of limitation on the number of security group rules.

Recommendations For versions 2011.3 through 2012.1, consider implementing a limit on the number of security group rules to prevent excessive resource consumption. As a temporary workaround, restrict access to security group rule management for users with certain permissions to minimize the risk of exploitation.