PT-2014-8417 · Openstack · Openstack Dashboard

Eric Peterson

Publicado

2014-12-12

Atualizado

2026-05-06

CVE-2014-8124

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions OpenStack Dashboard (Horizon) versions prior to 2014.1.3 OpenStack Dashboard (Horizon) versions 2014.2.x prior to 2014.2.1

Description The issue arises from improper handling of session records when using a db or memcached session engine. This allows remote attackers to cause a denial of service by sending a large number of requests to the login page.

Recommendations For versions prior to 2014.1.3, update to version 2014.1.3 or later. For versions 2014.2.x prior to 2014.2.1, update to version 2014.2.1 or later.

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400

Identificadores relacionados

CVE-2014-8124

RHSA-2015:0839

RHSA-2015:0845

SUSE-RU-2015:0410-1

Produtos afetados

Openstack Dashboard

PT-2014-8417 · Openstack · Openstack Dashboard

CVE-2014-8124

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 17