Openstack · Openstack Compute · CVE-2014-3708
**Name of the Vulnerable Software and Affected Versions**
OpenStack Compute (Nova) versions prior to 2014.1.4
OpenStack Compute (Nova) versions 2014.2.x prior to 2014.2.1
**Description**
The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by exploiting an IP filter in a list of active servers API request.
**Recommendations**
For versions prior to 2014.1.4, update to version 2014.1.4 or later.
For versions 2014.2.x prior to 2014.2.1, update to version 2014.2.1 or later.