PT-2012-3807 · Openstack · Openstack Compute

Dan Prince

Published

2012-06-07

Updated

2022-05-17

CVE-2012-2101

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Openstack Compute (Nova) versions 2011.3 through 2012.1

Description The issue allows remote authenticated users with certain permissions to cause a denial of service by consuming CPU and hard drive resources via a network request that triggers a large number of iptables rules, due to the lack of limitation on the number of security group rules.

Recommendations For versions 2011.3 through 2012.1, consider implementing a limit on the number of security group rules to prevent excessive resource consumption. As a temporary workaround, restrict access to users with permissions that could trigger a large number of iptables rules.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2012-2101

GHSA-HQ3F-9GF7-73R8

PYSEC-2012-36

Affected Products

Openstack Compute

PT-2012-3807 · Openstack · Openstack Compute

CVE-2012-2101

Weakness Enumeration

Related Identifiers

Affected Products

References · 21